GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
821 advisories
An issue was discovered in dst-admin v1.3.0. The product has an unauthorized arbitrary file...
High | Unreviewed | CVE-2021-44586 was published Jan 11, 2022

Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app...
High | Unreviewed | CVE-2022-22288 was published Jan 11, 2022

An issue has recently been discovered in Arista EOS where, under certain conditions, the service...
High | Unreviewed | CVE-2021-28507 was published Jan 15, 2022

An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by...
High | Unreviewed | CVE-2021-28500 was published Jan 15, 2022

An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by...
High | Unreviewed | CVE-2021-28501 was published Jan 15, 2022

AX3600 router sensitive information leaked. There is an unauthorized interface through luci to...
High | Unreviewed | CVE-2020-14110 was published Jan 19, 2022

Allwinner R818 SoC Android Q SDK V1.0 is affected by an incorrect access control vulnerability...
High | Unreviewed | CVE-2021-38789 was published Jan 20, 2022

The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib...
High | Unreviewed | CVE-2021-24906 was published Jan 25, 2022

On BIG-IQ Centralized Management 8.x before 8.1.0, an authenticated administrative role user on a...
High | Unreviewed | CVE-2022-23009 was published Jan 26, 2022

arm: guest_physmap_remove_page not removing the p2m mappings The functions to remove one or more...
High | Unreviewed | CVE-2022-23033 was published Jan 26, 2022

A file disclosure vulnerability in the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET...
High | Unreviewed | CVE-2021-41608 was published Jan 29, 2022

Incorrect Authorization in NATS nats-server
High | CVE-2022-24450 was published for github.com/nats-io/nats-server/v2 (Go), Feb 8, 2022

Improper Privilege Management in Apache Hadoop
High | CVE-2020-9492 was published for org.apache.hadoop:hadoop-common (Maven), Feb 9, 2022

ESET products for Windows allows untrusted process to impersonate the client of a pipe, which can...
High | Unreviewed | CVE-2021-37852 was published Feb 10, 2022

Local privilege escalation via named pipe due to improper access control checks. The following...
High | Unreviewed | CVE-2021-44204 was published Feb 10, 2022

With certain LDAP configurations, Zammad 5.0.1 was found to be vulnerable to unauthorized access...
High | Unreviewed | CVE-2021-43145 was published Feb 10, 2022

An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111...
High | Unreviewed | CVE-2022-21825 was published Feb 11, 2022

Improper access control in a third-party component of Intel(R) Quartus(R) Prime Pro Edition...
High | Unreviewed | CVE-2022-21174 was published Feb 11, 2022

There is a permission verification vulnerability in the Bluetooth module. Successful exploitation...
High | Unreviewed | CVE-2021-40044 was published Feb 11, 2022

There is a security protection bypass vulnerability with the modem. Successful exploitation of...
High | Unreviewed | CVE-2021-37109 was published Feb 11, 2022

Improper access control in the Intel(R) Advisor software before version 2021.2 may allow an...
High | Unreviewed | CVE-2021-23152 was published Feb 11, 2022

Improper access control in firmware for Intel(R) PROSet/Wireless Wi-Fi in multiple operating...
High | Unreviewed | CVE-2021-0164 was published Feb 11, 2022

Drupal core access bypass vulnerability
High | CVE-2020-13677 was published for drupal/core (Composer), Feb 12, 2022

cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely...
High | Unreviewed | CVE-2022-23773 was published Feb 12, 2022

antd-admin 5.5.0 is affected by an incorrect access control vulnerability. Unauthorized access to...
High | Unreviewed | CVE-2021-46371 was published Feb 15, 2022