GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,001
Maven
5,000+
npm
3,713
NuGet
661
pip
3,384
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
834 advisories
Filter by severity
D-Link DIR-2640-US 1.01B04 is vulnerable to Incorrect Access Control. Router ac2600 (dir-2640-us)...
High
Unreviewed
CVE-2021-34203
was published
May 24, 2022
An improper access control vulnerability in genericssoservice prior to SMR JUN-2021 Release 1...
High
Unreviewed
CVE-2021-25412
was published
May 24, 2022
An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink...
High
Unreviewed
CVE-2021-25374
was published
May 24, 2022
In Etherpad UeberDB < 0.4.4, due to MySQL omitting trailing spaces on char / varchar columns...
High
Unreviewed
CVE-2020-22784
was published
May 24, 2022
Improper access control vulnerability in Buffalo broadband routers (BHR-4GRV firmware Ver.1.99...
High
Unreviewed
CVE-2021-3512
was published
May 24, 2022
An issue exists on NightOwl WDB-20-V2 WDB-20-V2_20190314 devices that allows an unauthenticated...
High
Unreviewed
CVE-2021-31793
was published
May 24, 2022
Incorrect access control in zam64.sys, zam32.sys in MalwareFox AntiMalware 2.74.0.150 where IOCTL...
High
Unreviewed
CVE-2021-31727
was published
May 24, 2022
Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O...
High
Unreviewed
CVE-2021-25438
was published
May 24, 2022
Under certain conditions, SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9...
High
Unreviewed
CVE-2021-27616
was published
May 24, 2022
Archer Platform 6.3 before 6.11 (6.11.0.0) contains an Improper Access Control Vulnerability...
High
Unreviewed
CVE-2022-30584
was published
May 27, 2022
In the Settings app, there is a possible way to disable an always-on VPN due to a missing...
High
Unreviewed
CVE-2021-0505
was published
May 24, 2022
Incorrect Access Control in Tranquil WAPT Enterprise - before 1.8.2.7373 and before 2.0.0.9450...
High
Unreviewed
CVE-2021-38608
was published
May 24, 2022
PwnDoc through 2021-04-22 has incorrect JSON Webtoken handling, leading to incorrect access...
High
Unreviewed
CVE-2021-31590
was published
May 24, 2022
An access control bypass vulnerability found in 389-ds-base. That mishandling of the filter that...
High
Unreviewed
CVE-2022-1949
was published
Jun 3, 2022
WinWaste.NET version 1.0.6183.16475 has incorrect permissions, allowing a local unprivileged user...
High
Unreviewed
CVE-2021-34110
was published
May 24, 2022
Windows LSA Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2021-33786
was published
May 24, 2022
Improper access control vulnerability in DAP-1880AC firmware version 1.21 and earlier allows a...
High
Unreviewed
CVE-2021-20694
was published
May 24, 2022
Improper access control vulnerability in Gurunavi App for Android ver.10.0.10 and earlier and for...
High
Unreviewed
CVE-2021-20693
was published
May 24, 2022
Microsoft Office Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2021-34469
was published
May 24, 2022
NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVMAP_IOC_WRITE* paths, where...
High
Unreviewed
CVE-2021-1107
was published
May 24, 2022
Docker Desktop before 3.6.0 suffers from incorrect access control. If a low-privileged account is...
High
Unreviewed
CVE-2021-37841
was published
May 24, 2022
Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when...
High
Unreviewed
CVE-2021-21012
was published
May 24, 2022
An improper access control vulnerability in FortiManager versions 6.4.0 to 6.4.3 may allow an...
High
Unreviewed
CVE-2021-24006
was published
May 24, 2022
The Brizy Page Builder plugin <= 2.3.11 for WordPress used an incorrect authorization check that...
High
Unreviewed
CVE-2021-38345
was published
May 24, 2022
A security flaw in the 'owned' function of a smart contract implementation for RobotCoin (RBTC),...
High
Unreviewed
CVE-2021-34272
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API