GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,731
NuGet
662
pip
3,407
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
533 advisories
Filter by severity
'Root Service' service implemented in the following Yokogawa Electric products creates some named...
High
Unreviewed
CVE-2022-22148
was published
Mar 12, 2022
The matchmaking servers of Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allow...
High
Unreviewed
CVE-2022-24125
was published
Mar 21, 2022
Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated...
High
Unreviewed
CVE-2022-26250
was published
Apr 7, 2022
BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue.
High
Unreviewed
CVE-2022-26281
was published
Apr 6, 2022
ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default...
High
Unreviewed
CVE-2021-23244
was published
Dec 28, 2021
The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system...
High
Unreviewed
CVE-2022-22516
was published
Apr 8, 2022
controller/org.controller/org.controller.js in the CVE Services API 1.1.1 before...
High
Unreviewed
CVE-2021-46561
was published
Feb 8, 2022
A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1...
High
Unreviewed
CVE-2022-23448
was published
Apr 13, 2022
In multiple locations of MediaProvider.java , there is a possible way to get read/write access to...
High
Unreviewed
CVE-2021-39795
was published
Apr 13, 2022
An issue was discovered in CALDERA 2.8.1. It does not properly segregate user privileges,...
High
Unreviewed
CVE-2021-42562
was published
Jan 13, 2022
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code...
High
Unreviewed
CVE-2022-22958
was published
Apr 14, 2022
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11...
High
Unreviewed
CVE-2021-20264
was published
May 24, 2022
An exploitable local privilege elevation vulnerability exists in the file system permissions of...
High
Unreviewed
CVE-2018-4049
was published
May 13, 2022
Sunnet eHRD has broken access control vulnerability, which allows a remote attacker to access...
High
Unreviewed
CVE-2021-43359
was published
Dec 2, 2021
An exploitable local privilege escalation vulnerability exists in the privileged helper tool of...
High
Unreviewed
CVE-2018-4050
was published
May 13, 2022
An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on...
High
Unreviewed
CVE-2018-4028
was published
May 24, 2022
Mesa Labs AmegaView Versions 3.0 and prior has insecure file permissions that could be exploited...
High
Unreviewed
CVE-2021-27445
was published
Dec 22, 2021
In various methods of WifiNetworkSuggestionsManager.java, there is a possible modification of...
High
Unreviewed
CVE-2021-0390
was published
May 24, 2022
SonLogger before 6.4.1 is affected by user creation with any user permissions profile (e.g.,...
High
Unreviewed
CVE-2021-27963
was published
May 24, 2022
Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor...
High
Unreviewed
CVE-2021-27962
was published
May 24, 2022
Multiple files and folders in Utimaco SecurityServer 4.20.0.4 and 4.31.1.0. are installed with...
High
Unreviewed
CVE-2020-26155
was published
May 24, 2022
IBM Security Identity Manager 7.0.2 could allow an authenticated user to bypass security and...
High
Unreviewed
CVE-2021-29686
was published
May 24, 2022
Improper access control vulnerability in ELECOM LD-PS/U1 allows remote attackers to change the...
High
Unreviewed
CVE-2021-20643
was published
May 24, 2022
In archiveStoredConversation of MmsService.java, there is a possible way to archive message...
High
Unreviewed
CVE-2021-0539
was published
May 24, 2022
Talk 4 in Coral before 4.12.1 allows remote attackers to discover e-mail addresses and other...
High
Unreviewed
CVE-2021-35970
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API