GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 21
Go: 2,001
Maven: 5,000+
npm: 3,713
NuGet: 661
pip: 3,384
Pub: 11
RubyGems: 885
Rust: 849
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
700 advisories
Improper access control on the LocalClientList.asp interface allows an unauthenticated remote...
High | Unreviewed | CVE-2022-25214 was published Mar 11, 2022
Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990.
High | Unreviewed | CVE-2022-0824 was published Mar 3, 2022
Improper Authorization in GitHub repository webmin/webmin prior to 1.990.
High | Unreviewed | CVE-2022-0829 was published Mar 3, 2022
An improper handling of insufficient permissions or privileges in Fortinet FortiAnalyzer version 5...
High | Unreviewed | CVE-2022-22300 was published Mar 2, 2022
An issue was discovered in USBGuard before 1.1.0. On systems with the usbguard-dbus daemon...
High | Unreviewed | CVE-2019-25058 was published Feb 25, 2022
The backend infrastructure shared by multiple mobile device monitoring services does not...
High | Unreviewed | CVE-2022-0732 was published Feb 25, 2022
Multiple flaws were found in the way samba AD DC implemented access and conformance checking of...
High | Unreviewed | CVE-2020-25722 was published Feb 19, 2022
VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd...
High | Unreviewed | CVE-2021-22042 was published Feb 17, 2022
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests...
High | Unreviewed | CVE-2021-3560 was published Feb 17, 2022
antd-admin 5.5.0 is affected by an incorrect access control vulnerability. Unauthorized access to...
High | Unreviewed | CVE-2021-46371 was published Feb 15, 2022
cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely...
High | Unreviewed | CVE-2022-23773 was published Feb 12, 2022
Improper access control in firmware for Intel(R) PROSet/Wireless Wi-Fi in multiple operating...
High | Unreviewed | CVE-2021-0164 was published Feb 11, 2022
Improper access control in the Intel(R) Advisor software before version 2021.2 may allow an...
High | Unreviewed | CVE-2021-23152 was published Feb 11, 2022
There is a security protection bypass vulnerability with the modem. Successful exploitation of...
High | Unreviewed | CVE-2021-37109 was published Feb 11, 2022
There is a permission verification vulnerability in the Bluetooth module. Successful exploitation...
High | Unreviewed | CVE-2021-40044 was published Feb 11, 2022
Improper access control in a third-party component of Intel(R) Quartus(R) Prime Pro Edition...
High | Unreviewed | CVE-2022-21174 was published Feb 11, 2022
An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111...
High | Unreviewed | CVE-2022-21825 was published Feb 11, 2022
With certain LDAP configurations, Zammad 5.0.1 was found to be vulnerable to unauthorized access...
High | Unreviewed | CVE-2021-43145 was published Feb 10, 2022
Local privilege escalation via named pipe due to improper access control checks. The following...
High | Unreviewed | CVE-2021-44204 was published Feb 10, 2022
ESET products for Windows allows untrusted process to impersonate the client of a pipe, which can...
High | Unreviewed | CVE-2021-37852 was published Feb 10, 2022
A file disclosure vulnerability in the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET...
High | Unreviewed | CVE-2021-41608 was published Jan 29, 2022
arm: guest_physmap_remove_page not removing the p2m mappings The functions to remove one or more...
High | Unreviewed | CVE-2022-23033 was published Jan 26, 2022
On BIG-IQ Centralized Management 8.x before 8.1.0, an authenticated administrative role user on a...
High | Unreviewed | CVE-2022-23009 was published Jan 26, 2022
The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib...
High | Unreviewed | CVE-2021-24906 was published Jan 25, 2022
Allwinner R818 SoC Android Q SDK V1.0 is affected by an incorrect access control vulnerability...
High | Unreviewed | CVE-2021-38789 was published Jan 20, 2022
ProTip! Advisories are also available from the GraphQL API.