GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,319
Erlang: 31
GitHub Actions: 21
Go: 2,077
Maven: 5,000+
npm: 3,746
NuGet: 674
pip: 3,435
Pub: 12
RubyGems: 892
Rust: 881
Swift: 37

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,940 advisories

The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib...
High | Unreviewed | CVE-2021-24906 was published Jan 25, 2022

IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could be vulnerable to unauthorized...
Critical | Unreviewed | CVE-2020-4877 was published Jan 22, 2022

A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services...
Critical | Unreviewed | CVE-2022-22157 was published Jan 20, 2022

A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services...
Critical | Unreviewed | CVE-2022-22167 was published Jan 20, 2022

Allwinner R818 SoC Android Q SDK V1.0 is affected by an incorrect access control vulnerability...
High | Unreviewed | CVE-2021-38789 was published Jan 20, 2022

AX3600 router sensitive information leaked. There is an unauthorized interface through luci to...
High | Unreviewed | CVE-2020-14110 was published Jan 19, 2022

Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived...
Moderate | Unreviewed | CVE-2021-37864 was published Jan 19, 2022

An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under...
Moderate | Unreviewed | CVE-2022-0172 was published Jan 19, 2022

An issue was discovered in Delta RM 1.2. The /risque/risque/workflow/reset endpoint is lacking...
Moderate | Unreviewed | CVE-2021-44836 was published Jan 19, 2022

An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by...
High | Unreviewed | CVE-2021-28500 was published Jan 15, 2022

An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by...
High | Unreviewed | CVE-2021-28501 was published Jan 15, 2022

An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip...
Critical | Unreviewed | CVE-2021-28506 was published Jan 15, 2022

An issue has recently been discovered in Arista EOS where, under certain conditions, the service...
High | Unreviewed | CVE-2021-28507 was published Jan 15, 2022

An issue was discovered in SysAid ITIL 20.4.74 b10. The /enduserreg endpoint is used to register...
Moderate | Unreviewed | CVE-2021-43974 was published Jan 12, 2022

Secure Boot Security Feature Bypass Vulnerability.
Moderate | Unreviewed | CVE-2022-21894 was published Jan 12, 2022

Windows Extensible Firmware Interface Security Feature Bypass Vulnerability.
Moderate | Unreviewed | CVE-2022-21899 was published Jan 12, 2022

Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass.
Moderate | Unreviewed | CVE-2022-21913 was published Jan 12, 2022

Improper authorization in TelephonyManager prior to SMR Jan-2022 Release 1 allows attackers to...
Low | Unreviewed | CVE-2022-22272 was published Jan 11, 2022

Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app...
High | Unreviewed | CVE-2022-22288 was published Jan 11, 2022

An issue was discovered in dst-admin v1.3.0. The product has an unauthorized arbitrary file...
High | Unreviewed | CVE-2021-44586 was published Jan 11, 2022

Incorrect authorization vulnerability in KONICA MINOLTA bizhub series (bizhub C750i G00-35 and...
Moderate | Unreviewed | CVE-2021-20868 was published Jan 5, 2022

Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user...
High | Unreviewed | CVE-2021-45379 was published Dec 31, 2021

Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient access controls for the WAN...
Critical | Unreviewed | CVE-2021-20149 was published Dec 31, 2021

PI Vision could disclose information to a user with insufficient privileges for an AF attribute...
Unknown | Unreviewed | CVE-2021-3090 was published Dec 29, 2021

Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed...
High | Unreviewed | CVE-2021-38017 was published Dec 24, 2021

ProTip! Advisories are also available from the GraphQL API.