GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
242 advisories
Filter by severity
An Improper Access Control Vulnerability in the SMA100 series leads to multiple restricted...
High
Unreviewed
CVE-2021-20050
was published
Dec 24, 2021
There is an unauthorized access vulnerability in system components. Successful exploitation of...
High
Unreviewed
CVE-2021-40051
was published
Mar 11, 2022
Improper access control vulnerability in McAfee WebAdvisor Chrome and Edge browser extensions up...
High
Unreviewed
CVE-2022-0815
was published
Mar 12, 2022
An information disclosure issue was addressed with improved state management. This issue is fixed...
High
Unreviewed
CVE-2022-22579
was published
Mar 19, 2022
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control.
High
Unreviewed
CVE-2022-23345
was published
Mar 22, 2022
Piwigo v12.2.0 was discovered to contain an information leak via the action parameter in /admin...
High
Unreviewed
CVE-2022-26267
was published
Mar 20, 2022
IBM SterlingPartner Engagement Manager 6.2.0 could allow a remote authenticated attacker to...
High
Unreviewed
CVE-2022-22331
was published
Apr 2, 2022
A remote, unauthenticated attacker could utilize the control programmer of the CODESYS Control...
High
Unreviewed
CVE-2022-22515
was published
Apr 8, 2022
MyHuawei-App has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability...
High
Unreviewed
CVE-2021-39972
was published
Jan 4, 2022
Improper access control while doing XPU re-configuration dynamically can lead to unauthorized...
High
Unreviewed
CVE-2021-30276
was published
Jan 4, 2022
BeyondTrust AppGuard Enterprise through 6.6.20.2 creates a Temporary File in a Directory with...
High
Unreviewed
CVE-2021-42255
was published
Apr 13, 2022
Dell PowerScale OneFS 8.2.2 and above contain an elevation of privilege vulnerability. A local...
High
Unreviewed
CVE-2022-24411
was published
Apr 13, 2022
A PHP Local File Inclusion vulneraility in the default Redbasic theme for Hubzilla before version...
High
Unreviewed
CVE-2022-27257
was published
Apr 16, 2022
Verizon LVSKIHP 5G outside devices through 2022-02-15 allow anyone (knowing the device's serial...
High
Unreviewed
CVE-2022-28376
was published
Apr 4, 2022
In startIpClient of ClientModeImpl.java, there is a possible identifier which could be used to...
High
Unreviewed
CVE-2021-0466
was published
May 24, 2022
Istio before 1.9.6 and 1.10.x before 1.10.2 has Incorrect Access Control.
High
Unreviewed
CVE-2021-34824
was published
May 24, 2022
muc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers to obtain sensitive...
High
Unreviewed
CVE-2021-37601
was published
May 24, 2022
In cPanel before 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files (SEC...
High
Unreviewed
CVE-2021-38587
was published
May 24, 2022
Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended Control Sphere because...
High
Unreviewed
CVE-2020-28012
was published
May 24, 2022
An information disclosure vulnerability in GitLab EE versions 13.11 and later allowed a project...
High
Unreviewed
CVE-2021-22215
was published
May 24, 2022
There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of...
High
Unreviewed
CVE-2021-22446
was published
May 24, 2022
NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability where, if a user...
High
Unreviewed
CVE-2021-1073
was published
May 24, 2022
Incorrect Access Control in Zammad 1.0.x up to 4.0.0 allows attackers to obtain sensitive...
High
Unreviewed
CVE-2021-35299
was published
May 24, 2022
LINE client for iOS before 11.15.0 might expose authentication information for a certain service...
High
Unreviewed
CVE-2021-41011
was published
May 24, 2022
An exploitable local privilege elevation vulnerability exists in the file system permissions of...
High
Unreviewed
CVE-2018-4048
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API