GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,235 advisories
The [field] shortcode included with the Custom Content Shortcode WordPress plugin before 4.0.1,...
Moderate | Unreviewed | CVE-2021-24824 was published Mar 8, 2022

The UsersWP WordPress plugin before 1.2.3.1 is missing access controls when updating a user...
Moderate | Unreviewed | CVE-2022-0442 was published Mar 8, 2022

Improper Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5.
Moderate | Unreviewed | CVE-2022-0756 was published Mar 8, 2022

bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered...
Moderate | Unreviewed | CVE-2021-3658 was published Mar 4, 2022

Incorrect Authorization in @uppy/companion
High | CVE-2022-0528 was published for @uppy/companion (npm) Mar 4, 2022

Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990.
High | Unreviewed | CVE-2022-0824 was published Mar 3, 2022

Improper Authorization in GitHub repository webmin/webmin prior to 1.990.
High | Unreviewed | CVE-2022-0829 was published Mar 3, 2022

Zoho ManageEngine SharePoint Manager Plus before 4329 allows account takeover because...
Critical | Unreviewed | CVE-2022-24306 was published Mar 3, 2022

JFrog Artifactory before 7.29.3 and 6.23.38, is vulnerable to Broken Access Control, a low...
Moderate | Unreviewed | CVE-2021-45074 was published Mar 3, 2022

An improper handling of insufficient permissions or privileges in Fortinet FortiAnalyzer version 5...
High | Unreviewed | CVE-2022-22300 was published Mar 2, 2022

Incorrect Authorization and Exposure of Sensitive Information to an Unauthorized Actor in scrapy
Moderate | CVE-2022-0577 was published for scrapy (pip) Mar 1, 2022

Exposure of Resource to Wrong Sphere in microweber
Moderate | CVE-2022-0762 was published for microweber/microweber (Composer) Feb 27, 2022

An issue was discovered in USBGuard before 1.1.0. On systems with the usbguard-dbus daemon...
High | Unreviewed | CVE-2019-25058 was published Feb 25, 2022

Access Control vulnerability within CoreNLP
Critical | CVE-2021-44550 was published for edu.stanford.nlp:stanford-corenlp (Maven) Feb 25, 2022

An incorrect access control issue in HMS v1.0 allows unauthenticated attackers to read and modify...
Critical | Unreviewed | CVE-2022-25402 was published Feb 25, 2022

The backend infrastructure shared by multiple mobile device monitoring services does not...
High | Unreviewed | CVE-2022-0732 was published Feb 25, 2022

Improper Authorization in GitHub repository chocobozzz/peertube prior to 4.1.0.
Moderate | Unreviewed | CVE-2022-0726 was published Feb 24, 2022

Improper Access Control in GitHub repository chocobozzz/peertube prior to 4.1.0.
Moderate | Unreviewed | CVE-2022-0727 was published Feb 24, 2022

Improper Authorization in dolibarr/dolibarr
Moderate | CVE-2022-0731 was published for dolibarr/dolibarr (Composer) Feb 24, 2022

Incorrect Authorization in runc
High | CVE-2019-16884 was published for github.com/opencontainers/runc (Go) Feb 22, 2022

The Coming soon and Maintenance mode WordPress plugin before 3.6.8 does not have authorisation...
Moderate | Unreviewed | CVE-2022-0164 was published Feb 22, 2022

An issue was discovered in Cerebrate through 1.4. An incorrect sharing group ACL allowed an...
Moderate | Unreviewed | CVE-2022-25318 was published Feb 19, 2022

Multiple flaws were found in the way samba AD DC implemented access and conformance checking of...
High | Unreviewed | CVE-2020-25722 was published Feb 19, 2022

MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C...
Critical | Unreviewed | CVE-2022-21196 was published Feb 19, 2022

MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C...
Critical | Unreviewed | CVE-2022-21141 was published Feb 19, 2022