GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,871

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

701 advisories

Filter by severity

Sort by

Least recently updated

A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation... High Unreviewed

CVE-2022-22254 was published Apr 12, 2022

Improper access control vulnerability in FactoryCamera prior to version 2.1.96 allows attacker to... High Unreviewed

CVE-2022-27838 was published Apr 12, 2022

Improper access control vulnerability in Galaxy Store prior to version 4.5.36.4 allows attacker... High Unreviewed

CVE-2022-28776 was published Apr 12, 2022

An unauthorized file creation vulnerability in Telesquare TLR-2855KS6 via PUT method can allow... High Unreviewed

CVE-2021-46418 was published Apr 8, 2022

A vulnerability in the Common Execution Environment (CEE) ConfD CLI of Cisco Ultra Cloud Core -... High Unreviewed

CVE-2022-20762 was published Apr 7, 2022

Seyeon Tech Co., Ltd FlexWATCH FW3170-PS-E Network Video System 4.23-3000_GY allows attackers to... High Unreviewed

CVE-2022-25584 was published Apr 6, 2022

Xerox ColorQube 8580 was discovered to contain an access control issue which allows attackers to... High Unreviewed

CVE-2022-26572 was published Apr 5, 2022

On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access... High Unreviewed

CVE-2021-28504 was published Apr 3, 2022

Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is... High Unreviewed

CVE-2021-32960 was published Apr 3, 2022

Incorrect access control in NexusPHP 1.5.beta5.20120707 allows unauthorized attackers to access... High Unreviewed

CVE-2020-24771 was published Mar 31, 2022

In PackageManager, there is a possible way to update the last usage time of another package due... High Unreviewed

CVE-2021-39743 was published Mar 31, 2022

In WindowManager, there is a possible way to start non-exported and protected activities due to a... High Unreviewed

CVE-2021-39749 was published Mar 31, 2022

In PackageManager, there is a possible way to change the splash screen theme of other apps due to... High Unreviewed

CVE-2021-39750 was published Mar 31, 2022

In Telecom, there is a possible leak of TTY mode change due to a missing permission check. This... High Unreviewed

CVE-2021-39789 was published Mar 31, 2022

An improper authorization handling flaw was found in Foreman. The Salt plugin for the smart-proxy... High Unreviewed

CVE-2021-3456 was published Mar 31, 2022

In Dialer, there is a possible way to manipulate visual voicemail settings due to a missing... High Unreviewed

CVE-2021-39790 was published Mar 31, 2022

In incfs, there is a possible way of mounting on arbitrary paths due to a missing permission... High Unreviewed

CVE-2022-20002 was published Mar 31, 2022

Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier does not properly restrict all... High Unreviewed

CVE-2021-27474 was published Mar 24, 2022

A flaw was found in Quarkus. The state and potentially associated permissions can leak from one... High Unreviewed

CVE-2022-0981 was published Mar 24, 2022

The Advanced Contact form 7 DB WordPress plugin before 1.8.7 does not have authorisation nor CSRF... High Unreviewed

CVE-2021-24905 was published Mar 22, 2022

This issue was addressed with improved checks. This issue is fixed in watchOS 8.5, iOS 15.4 and... High Unreviewed

CVE-2022-22618 was published Mar 19, 2022

In Gradle Enterprise before 2021.4.2, the default built-in build cache configuration allowed... High Unreviewed

CVE-2022-25364 was published Mar 18, 2022

Timescale TimescaleDB 1.x and 2.x before 2.5.2 may allow privilege escalation during extension... High Unreviewed

CVE-2022-24128 was published Mar 14, 2022

An issue was discovered in Luna Simo PPR1.180610.011/202001031830. A pre-installed app with a... High Unreviewed

CVE-2021-41850 was published Mar 13, 2022

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) uses the "... High Unreviewed

CVE-2021-42855 was published Mar 11, 2022

Previous 1 2 … 24 25 26 27 28 29 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

701 advisories