GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
797 advisories
Filter by severity
The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear...
Moderate
Unreviewed
CVE-2009-2848
was published
May 2, 2022
The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement...
Moderate
Unreviewed
CVE-2009-0080
was published
May 2, 2022
The Site Documentation Drupal module 5.x before 5.x-1.8 and 6.x before 6.x-1.1 allows remote...
Moderate
Unreviewed
CVE-2008-2271
was published
May 1, 2022
Microsoft Exchange Server 2000 System Attendant gives "Everyone" group privileges to the WinReg...
Moderate
Unreviewed
CVE-2002-0049
was published
Apr 30, 2022
IBM InfoSphere Information Server 11.7 could allow an authenticated user to view information of...
Moderate
Unreviewed
CVE-2022-22441
was published
Apr 29, 2022
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to priviledge escalation where a...
Moderate
Unreviewed
CVE-2021-29824
was published
Apr 23, 2022
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex...
Moderate
Unreviewed
CVE-2022-23702
was published
Apr 13, 2022
Dell PowerScale OneFS, versions 8.2.0-9.3.0, contains an Improper Handling of Insufficient...
Moderate
Unreviewed
CVE-2022-23160
was published
Apr 13, 2022
Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability....
Moderate
Unreviewed
CVE-2021-36290
was published
Apr 9, 2022
Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability....
Moderate
Unreviewed
CVE-2021-36293
was published
Apr 9, 2022
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)...
Moderate
Unreviewed
CVE-2022-20782
was published
Apr 7, 2022
IBM SterlingPartner Engagement Manager 6.2.0 could allow a malicious user to elevate their...
Moderate
Unreviewed
CVE-2022-22328
was published
Apr 2, 2022
In Telecomm, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2021-39778
was published
Mar 31, 2022
One of the API in Mattermost version 6.3.0 and earlier fails to properly protect the permissions,...
Moderate
Unreviewed
CVE-2022-1003
was published
Mar 19, 2022
Ericsson Network Manager 20.2 has Insecure Permissions.
Moderate
Unreviewed
CVE-2021-28488
was published
Mar 11, 2022
In vpu, there is a possible escalation of privilege due to a missing permission check. This could...
Moderate
Unreviewed
CVE-2022-20049
was published
Mar 11, 2022
In ims service, there is a possible unexpected application behavior due to incorrect privilege...
Moderate
Unreviewed
CVE-2022-20051
was published
Mar 11, 2022
In preloader (usb), there is a possible permission bypass due to a missing proper image...
Moderate
Unreviewed
CVE-2022-20060
was published
Mar 11, 2022
Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022...
Moderate
Unreviewed
CVE-2022-24519
was published
Mar 10, 2022
Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022...
Moderate
Unreviewed
CVE-2022-24518
was published
Mar 10, 2022
Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022...
Moderate
Unreviewed
CVE-2022-24515
was published
Mar 10, 2022
A local attacker can overwrite arbitrary files on the system with VPN client logs using...
Moderate
Unreviewed
CVE-2021-36809
was published
Mar 9, 2022
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a local user with elevated privileges to cause a...
Moderate
Unreviewed
CVE-2021-38955
was published
Mar 2, 2022
Insufficient control flow management in the firmware for some Intel(R) Processors may allow a...
Moderate
Unreviewed
CVE-2021-0103
was published
Feb 11, 2022
A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow...
Moderate
Unreviewed
CVE-2022-20680
was published
Feb 11, 2022
ProTip!
Advisories are also available from the
GraphQL API