Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

836 advisories

Loading
A improper handling of insufficient permissions or privileges in Fortinet FortiAnalyzer version 5... High Unreviewed
CVE-2022-22300 was published Mar 2, 2022
An issue was discovered in USBGuard before 1.1.0. On systems with the usbguard-dbus daemon... High Unreviewed
CVE-2019-25058 was published Feb 25, 2022
The backend infrastructure shared by multiple mobile device monitoring services does not... High Unreviewed
CVE-2022-0732 was published Feb 25, 2022
Incorrect Authorization in runc High
CVE-2019-16884 was published for github.com/opencontainers/runc (Go) Feb 22, 2022
Multiple flaws were found in the way samba AD DC implemented access and conformance checking of... High Unreviewed
CVE-2020-25722 was published Feb 19, 2022
VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd... High Unreviewed
CVE-2021-22042 was published Feb 17, 2022
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests... High Unreviewed
CVE-2021-3560 was published Feb 17, 2022
Improper Access Control in librenms High
CVE-2022-0580 was published for librenms/librenms (Composer) Feb 16, 2022
Reject unauthorized access with GitHub PATs High
CVE-2021-21432 was published for github.com/go-vela/server (Go) Feb 15, 2022
JordanSussman
Duplicate Advisory: Incorrect Access Control in github.com/nats-io/jwt and github.com/nats-io/nats-server/v2 High
GHSA-9r5x-fjv3-q6h4 was published for github.com/nats-io/jwt (Go) Feb 15, 2022 withdrawn
Incorrect Authorization in WildFly Elytron High
CVE-2020-1748 was published for org.wildfly.security:wildfly-elytron (Maven) Feb 15, 2022
antd-admin 5.5.0 is affected by an incorrect access control vulnerability. Unauthorized access to... High Unreviewed
CVE-2021-46371 was published Feb 15, 2022
cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely... High Unreviewed
CVE-2022-23773 was published Feb 12, 2022
Drupal core access bypass vulnerability High
CVE-2020-13677 was published for drupal/core (Composer) Feb 12, 2022
Improper access control in firmware for Intel(R) PROSet/Wireless Wi-Fi in multiple operating... High Unreviewed
CVE-2021-0164 was published Feb 11, 2022
Improper access control in the Intel(R) Advisor software before version 2021.2 may allow an... High Unreviewed
CVE-2021-23152 was published Feb 11, 2022
There is a security protection bypass vulnerability with the modem.Successful exploitation of... High Unreviewed
CVE-2021-37109 was published Feb 11, 2022
There is a permission verification vulnerability in the Bluetooth module.Successful exploitation... High Unreviewed
CVE-2021-40044 was published Feb 11, 2022
Improper access control in a third-party component of Intel(R) Quartus(R) Prime Pro Edition... High Unreviewed
CVE-2022-21174 was published Feb 11, 2022
An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111... High Unreviewed
CVE-2022-21825 was published Feb 11, 2022
With certain LDAP configurations, Zammad 5.0.1 was found to be vulnerable to unauthorized access... High Unreviewed
CVE-2021-43145 was published Feb 10, 2022
Local privilege escalation via named pipe due to improper access control checks. The following... High Unreviewed
CVE-2021-44204 was published Feb 10, 2022
ESET products for Windows allows untrusted process to impersonate the client of a pipe, which can... High Unreviewed
CVE-2021-37852 was published Feb 10, 2022
Improper Privilege Management in Apache Hadoop High
CVE-2020-9492 was published for org.apache.hadoop:hadoop-common (Maven) Feb 9, 2022
Incorrect Authorization in NATS nats-server High
CVE-2022-24450 was published for github.com/nats-io/nats-server/v2 (Go) Feb 8, 2022
Churro andrewpollock
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database