GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
701 advisories
Filter by severity
Improper access control in the software installer for the Intel(R) Serial IO driver for Intel(R)...
High
Unreviewed
CVE-2021-33118
was published
Nov 18, 2021
Improper access control on the LocalClientList.asp interface allows an unauthenticated remote...
High
Unreviewed
CVE-2022-25214
was published
Mar 11, 2022
An issue was discovered in Luna Simo PPR1.180610.011/202001031830. A pre-installed app with a...
High
Unreviewed
CVE-2021-41850
was published
Mar 13, 2022
arm: guest_physmap_remove_page not removing the p2m mappings The functions to remove one or more...
High
Unreviewed
CVE-2022-23033
was published
Jan 26, 2022
In Gradle Enterprise before 2021.4.2, the default built-in build cache configuration allowed...
High
Unreviewed
CVE-2022-25364
was published
Mar 18, 2022
This issue was addressed with improved checks. This issue is fixed in watchOS 8.5, iOS 15.4 and...
High
Unreviewed
CVE-2022-22618
was published
Mar 19, 2022
A flaw was found in Quarkus. The state and potentially associated permissions can leak from one...
High
Unreviewed
CVE-2022-0981
was published
Mar 24, 2022
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows...
High
Unreviewed
CVE-2022-30594
was published
May 13, 2022
Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior,...
High
Unreviewed
CVE-2021-20864
was published
Dec 2, 2021
The Spotfire Server component of TIBCO Software Inc.'s TIBCO Spotfire Server, TIBCO Spotfire...
High
Unreviewed
CVE-2021-43051
was published
Dec 15, 2021
There is an Improper access control vulnerability in Huawei Smartphone.Successful exploitation of...
High
Unreviewed
CVE-2021-37038
was published
Dec 8, 2021
An improper authorization handling flaw was found in Foreman. The Salt plugin for the smart-proxy...
High
Unreviewed
CVE-2021-3456
was published
Mar 31, 2022
In PackageManager, there is a possible way to change the splash screen theme of other apps due to...
High
Unreviewed
CVE-2021-39750
was published
Mar 31, 2022
In incfs, there is a possible way of mounting on arbitrary paths due to a missing permission...
High
Unreviewed
CVE-2022-20002
was published
Mar 31, 2022
In WindowManager, there is a possible way to start non-exported and protected activities due to a...
High
Unreviewed
CVE-2021-39749
was published
Mar 31, 2022
Trend Micro Antivirus for Mac 2021 v11 (Consumer) is vulnerable to an improper access control...
High
Unreviewed
CVE-2021-43771
was published
Dec 1, 2021
In Telecom, there is a possible leak of TTY mode change due to a missing permission check. This...
High
Unreviewed
CVE-2021-39789
was published
Mar 31, 2022
In Dialer, there is a possible way to manipulate visual voicemail settings due to a missing...
High
Unreviewed
CVE-2021-39790
was published
Mar 31, 2022
On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access...
High
Unreviewed
CVE-2021-28504
was published
Apr 3, 2022
In PackageManager, there is a possible way to update the last usage time of another package due...
High
Unreviewed
CVE-2021-39743
was published
Mar 31, 2022
Xerox ColorQube 8580 was discovered to contain an access control issue which allows attackers to...
High
Unreviewed
CVE-2022-26572
was published
Apr 5, 2022
Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is...
High
Unreviewed
CVE-2021-32960
was published
Apr 3, 2022
Seyeon Tech Co., Ltd FlexWATCH FW3170-PS-E Network Video System 4.23-3000_GY allows attackers to...
High
Unreviewed
CVE-2022-25584
was published
Apr 6, 2022
An unauthorized file creation vulnerability in Telesquare TLR-2855KS6 via PUT method can allow...
High
Unreviewed
CVE-2021-46418
was published
Apr 8, 2022
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Incorrect Access Control. The Systeam...
High
Unreviewed
CVE-2021-44877
was published
Dec 22, 2021
ProTip!
Advisories are also available from the
GraphQL API