GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,846 advisories
Filter by severity
IBM Security Verify Access 10.0.0.0, 10.0.1.0 and 10.0.2.0 with the advanced access control...
Critical
Unreviewed
CVE-2021-39070
was published
Feb 3, 2022
The LabTools WordPress plugin through 1.0 does not have proper authorisation and CSRF check in...
Moderate
Unreviewed
CVE-2021-25097
was published
Feb 2, 2022
A file disclosure vulnerability in the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET...
High
Unreviewed
CVE-2021-41608
was published
Jan 29, 2022
arm: guest_physmap_remove_page not removing the p2m mappings The functions to remove one or more...
High
Unreviewed
CVE-2022-23033
was published
Jan 26, 2022
On BIG-IQ Centralized Management 8.x before 8.1.0, an authenticated administrative role user on a...
High
Unreviewed
CVE-2022-23009
was published
Jan 26, 2022
The WP Post Page Clone WordPress plugin before 1.2 allows users with a role as low as Contributor...
Moderate
Unreviewed
CVE-2021-24733
was published
Jan 25, 2022
The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib...
High
Unreviewed
CVE-2021-24906
was published
Jan 25, 2022
IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could be vulnerable to unauthorized...
Critical
Unreviewed
CVE-2020-4877
was published
Jan 22, 2022
A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services...
Critical
Unreviewed
CVE-2022-22157
was published
Jan 20, 2022
A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services...
Critical
Unreviewed
CVE-2022-22167
was published
Jan 20, 2022
Allwinner R818 SoC Android Q SDK V1.0 is affected by an incorrect access control vulnerability...
High
Unreviewed
CVE-2021-38789
was published
Jan 20, 2022
AX3600 router sensitive information leaked.There is an unauthorized interface through luci to...
High
Unreviewed
CVE-2020-14110
was published
Jan 19, 2022
Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived...
Moderate
Unreviewed
CVE-2021-37864
was published
Jan 19, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under...
Moderate
Unreviewed
CVE-2022-0172
was published
Jan 19, 2022
An issue was discovered in Delta RM 1.2. The /risque/risque/workflow/reset endpoint is lacking...
Moderate
Unreviewed
CVE-2021-44836
was published
Jan 19, 2022
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by...
High
Unreviewed
CVE-2021-28500
was published
Jan 15, 2022
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by...
High
Unreviewed
CVE-2021-28501
was published
Jan 15, 2022
An issue has recently been discovered in Arista EOS where, under certain conditions, the service...
High
Unreviewed
CVE-2021-28507
was published
Jan 15, 2022
An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip...
Critical
Unreviewed
CVE-2021-28506
was published
Jan 15, 2022
An issue was discovered in SysAid ITIL 20.4.74 b10. The /enduserreg endpoint is used to register...
Moderate
Unreviewed
CVE-2021-43974
was published
Jan 12, 2022
Secure Boot Security Feature Bypass Vulnerability.
Moderate
Unreviewed
CVE-2022-21894
was published
Jan 12, 2022
Windows Extensible Firmware Interface Security Feature Bypass Vulnerability.
Moderate
Unreviewed
CVE-2022-21899
was published
Jan 12, 2022
Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass.
Moderate
Unreviewed
CVE-2022-21913
was published
Jan 12, 2022
Improper authorization in TelephonyManager prior to SMR Jan-2022 Release 1 allows attackers to...
Low
Unreviewed
CVE-2022-22272
was published
Jan 11, 2022
Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app...
High
Unreviewed
CVE-2022-22288
was published
Jan 11, 2022
ProTip!
Advisories are also available from the
GraphQL API