GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,643
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,055 advisories
Filter by severity
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by...
High
Unreviewed
CVE-2021-28500
was published
Jan 15, 2022
An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip...
Critical
Unreviewed
CVE-2021-28506
was published
Jan 15, 2022
An issue has recently been discovered in Arista EOS where, under certain conditions, the service...
High
Unreviewed
CVE-2021-28507
was published
Jan 15, 2022
An issue was discovered in SysAid ITIL 20.4.74 b10. The /enduserreg endpoint is used to register...
Moderate
Unreviewed
CVE-2021-43974
was published
Jan 12, 2022
Secure Boot Security Feature Bypass Vulnerability.
Moderate
Unreviewed
CVE-2022-21894
was published
Jan 12, 2022
Windows Extensible Firmware Interface Security Feature Bypass Vulnerability.
Moderate
Unreviewed
CVE-2022-21899
was published
Jan 12, 2022
Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass.
Moderate
Unreviewed
CVE-2022-21913
was published
Jan 12, 2022
Improper authorization in TelephonyManager prior to SMR Jan-2022 Release 1 allows attackers to...
Low
Unreviewed
CVE-2022-22272
was published
Jan 11, 2022
Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app...
High
Unreviewed
CVE-2022-22288
was published
Jan 11, 2022
An issue was discovered in dst-admin v1.3.0. The product has an unauthorized arbitrary file...
High
Unreviewed
CVE-2021-44586
was published
Jan 11, 2022
bookstack is vulnerable to Improper Access Control
Moderate
CVE-2021-4194
was published
for
ssddanbrown/bookstack
(Composer)
Jan 8, 2022
Incorrect Authorization in latte/latte
Critical
CVE-2021-23803
was published
for
latte/latte
(Composer)
Jan 6, 2022
Improper Authorization in Keycloak
High
CVE-2021-4133
was published
for
org.keycloak:keycloak-services
(Maven)
Jan 6, 2022
Incorrect authorization vulnerability in KONICA MINOLTA bizhub series (bizhub C750i G00-35 and...
Moderate
Unreviewed
CVE-2021-20868
was published
Jan 5, 2022
Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user...
High
Unreviewed
CVE-2021-45379
was published
Dec 31, 2021
Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient access controls for the WAN...
Critical
Unreviewed
CVE-2021-20149
was published
Dec 31, 2021
PI Vision could disclose information to a user with insufficient privileges for an AF attribute...
Unknown
Unreviewed
CVE-2021-3090
was published
Dec 29, 2021
Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45...
High
Unreviewed
CVE-2021-38016
was published
Dec 24, 2021
Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed...
High
Unreviewed
CVE-2021-38017
was published
Dec 24, 2021
Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664...
Moderate
Unreviewed
CVE-2021-38020
was published
Dec 24, 2021
Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote...
Moderate
Unreviewed
CVE-2021-38019
was published
Dec 24, 2021
NVIDIA GeForce Experience contains a vulnerability in user authorization, where GameStream does...
High
Unreviewed
CVE-2021-23175
was published
Dec 24, 2021
Stormshield Endpoint Security 2.x before 2.1.2 has Incorrect Access Control.
Moderate
Unreviewed
CVE-2021-45089
was published
Dec 22, 2021
Stormshield Endpoint Security from 2.1.0 to 2.1.1 has Incorrect Access Control.
Moderate
Unreviewed
CVE-2021-45091
was published
Dec 22, 2021
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Incorrect Access Control. The Systeam...
High
Unreviewed
CVE-2021-44877
was published
Dec 22, 2021
ProTip!
Advisories are also available from the
GraphQL API