GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,204
Composer 4,097
Erlang 29
GitHub Actions 19
Go 1,925
Maven 5,117
npm 3,657
NuGet 638
pip 3,264
Pub 10
RubyGems 873
Rust 823
Swift 35

Unreviewed advisories

All unreviewed 229,482

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,142 advisories

Filter by severity

Sort by

Least recently updated

A flaw was discovered in Continuous Delivery for Puppet Enterprise (CD4PE) that results in a user... High Unreviewed

CVE-2021-27024 was published May 24, 2022

AVideo/YouPHPTube 10.0 and prior is affected by Insecure file write. An administrator privileged... High Unreviewed

CVE-2021-25877 was published May 24, 2022

In telephony, there is a possible information disclosure due to a missing permission check. This... Moderate Unreviewed

CVE-2022-21749 was published Jun 7, 2022

A permissions issue existed in DiskArbitration. This was addressed with additional ownership... High Unreviewed

CVE-2021-1784 was published May 24, 2022

emlog v6.0.0 contains an arbitrary file deletion vulnerability in admin/plugin.php. Moderate Unreviewed

CVE-2020-21014 was published May 24, 2022

Tad Book3 editing book page does not perform identity verification. Remote attackers can use the... Critical Unreviewed

CVE-2021-41974 was published May 24, 2022

Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local,... High Unreviewed

CVE-2022-28226 was published Jun 16, 2022

In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have... Moderate Unreviewed

CVE-2021-40649 was published Jun 15, 2022

In universal forwarder versions before 9.0, management services are available remotely by default... High Unreviewed

CVE-2022-32155 was published Jun 16, 2022

An issue was discovered in TitanFTP (aka Titan FTP) NextGen before 1.2.1050. When installing,... High Unreviewed

CVE-2022-34006 was published Jun 20, 2022

Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640... Moderate Unreviewed

CVE-2022-1596 was published Jun 22, 2022

It was reported that watchman in openshift node-utils creates /var/run/watchman.pid and /var/log... Moderate Unreviewed

CVE-2014-0068 was published Jul 1, 2022

A vulnerability has been identified in Xpedition Designer (All versions < VX.2.11). The affected... High Unreviewed

CVE-2022-31465 was published Jun 15, 2022

Insecure permissions in OneBlog v2.3.4 allows low-level administrators to reset the passwords of... Moderate Unreviewed

CVE-2022-34012 was published Jun 24, 2022

HashiCorp Vault Incorrect Permission Assignment for Critical Resource Critical

CVE-2021-43998 was published for github.com/hashicorp/vault (Go) Dec 2, 2021

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a creation of folders in read-only folders... Moderate Unreviewed

CVE-2017-0884 was published May 13, 2022

In Nagios XI through 5.8.5, a read-only Nagios user (due to an incorrect permission check) is... Moderate Unreviewed

CVE-2022-29271 was published Jun 30, 2022

Use of improper permission in InputManagerService prior to SMR Jul-2022 Release 1 allows... High Unreviewed

CVE-2022-33695 was published Jul 13, 2022

Improper access control in the runner jobs API in GitLab CE/EE affecting all versions prior to 14... Moderate Unreviewed

CVE-2022-2227 was published Jul 2, 2022

Privilege escalation in Nagios XI before 5.5.11 allows local attackers to elevate privileges to... High Unreviewed

CVE-2019-9166 was published May 13, 2022

Improper input validation vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.5.1 allows a... Moderate Unreviewed

CVE-2022-28692 was published Jul 5, 2022

Browse restriction bypass and operation restriction bypass vulnerability in Cabinet of Cybozu... Moderate Unreviewed

CVE-2022-26368 was published Jul 5, 2022

Operation restriction bypass vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a... Moderate Unreviewed

CVE-2022-26054 was published Jul 5, 2022

A vulnerability exists in Online Student Rate System v1.0 that allows any user to register as an... Critical Unreviewed

CVE-2021-39409 was published Jun 25, 2022

In Car Settings app, the NotificationAccessConfirmationActivity is exported. In... High Unreviewed

CVE-2022-20234 was published Jul 14, 2022

Previous 1 2 3 4 5 6 … 45 46 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,142 advisories