GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,638
Composer 5,007
Erlang 39
GitHub Actions 38
Go 2,645
Maven 6,108
npm 4,271
NuGet 760
pip 4,065
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,136

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,388 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability exists in Online Student Rate System v1.0 that allows any user to register as an... Critical Unreviewed

CVE-2021-39409 was published Jun 25, 2022

In Nagios XI through 5.8.5, a read-only Nagios user (due to an incorrect permission check) is... Moderate Unreviewed

CVE-2022-29271 was published Jun 30, 2022

It was reported that watchman in openshift node-utils creates /var/run/watchman.pid and /var/log... Moderate Unreviewed

CVE-2014-0068 was published Jul 1, 2022

PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry... Moderate Unreviewed

CVE-2022-23725 was published Jul 1, 2022

A critical issue has been discovered in GitLab affecting all versions starting from 14.0 prior to... Critical Unreviewed

CVE-2022-2185 was published Jul 2, 2022

Improper access control in the runner jobs API in GitLab CE/EE affecting all versions prior to 14... Moderate Unreviewed

CVE-2022-2227 was published Jul 2, 2022

Improper input validation vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.5.1 allows a... Moderate Unreviewed

CVE-2022-28692 was published Jul 5, 2022

Browse restriction bypass and operation restriction bypass vulnerability in Cabinet of Cybozu... Moderate Unreviewed

CVE-2022-26368 was published Jul 5, 2022

Improper input validation vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote... Moderate Unreviewed

CVE-2022-27807 was published Jul 5, 2022

Operation restriction bypass vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a... Moderate Unreviewed

CVE-2022-26054 was published Jul 5, 2022

Operation restriction bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.5.1 allows a... Moderate Unreviewed

CVE-2022-26051 was published Jul 5, 2022

Mini-Tmall v1.0 is vulnerable to Insecure Permissions via tomcat-embed-jasper. High Unreviewed

CVE-2022-30929 was published Jul 7, 2022

An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker... High Unreviewed

CVE-2021-38289 was published Jul 13, 2022

Improper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows... Low Unreviewed

CVE-2022-33689 was published Jul 13, 2022

Use of improper permission in InputManagerService prior to SMR Jul-2022 Release 1 allows... High Unreviewed

CVE-2022-33695 was published Jul 13, 2022

In Car Settings app, the NotificationAccessConfirmationActivity is exported. In... High Unreviewed

CVE-2022-20234 was published Jul 14, 2022

This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed

CVE-2022-34891 was published Jul 19, 2022

Dataease before 1.11.2 access control issue allows attackers to arbitrarily uninstall plugin Moderate

CVE-2022-34112 was published for io.dataease:dataease-plugin-common (Maven) Jul 23, 2022

An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat... Moderate Unreviewed

CVE-2022-1655 was published Jul 23, 2022

Ovarro TBox proprietary Modbus file access functions allow attackers to read, alter, or delete... Critical Unreviewed

CVE-2021-22648 was published Jul 29, 2022

Affected versions of Atlassian Jira Service Management Server and Data Center allow remote... Moderate Unreviewed

CVE-2022-36800 was published Aug 4, 2022

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without... Moderate Unreviewed

CVE-2020-1754 was published Aug 6, 2022

Gitea allowed assignment of private issues Moderate

CVE-2022-38183 was published for code.gitea.io/gitea (Go) Aug 13, 2022

In AppWidget, there is a possible way to start an activity from the background due to a missing... High Unreviewed

CVE-2022-20282 was published Aug 13, 2022

In ActivityManager, there is a possible way to check another process's capabilities due to a... Low Unreviewed

CVE-2022-20262 was published Aug 13, 2022

Previous 1…34…56 Next

Previous 1 2 … 32 33 34 35 36 … 55 56 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,388 advisories