GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
814 advisories
Filter by severity
In vpu, there is a possible escalation of privilege due to a missing permission check. This could...
Moderate
Unreviewed
CVE-2022-20049
was published
Mar 11, 2022
In ims service, there is a possible unexpected application behavior due to incorrect privilege...
Moderate
Unreviewed
CVE-2022-20051
was published
Mar 11, 2022
In preloader (usb), there is a possible permission bypass due to a missing proper image...
Moderate
Unreviewed
CVE-2022-20060
was published
Mar 11, 2022
Ericsson Network Manager 20.2 has Insecure Permissions.
Moderate
Unreviewed
CVE-2021-28488
was published
Mar 11, 2022
One of the API in Mattermost version 6.3.0 and earlier fails to properly protect the permissions,...
Moderate
Unreviewed
CVE-2022-1003
was published
Mar 19, 2022
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5...
Moderate
Unreviewed
CVE-2021-38926
was published
Dec 10, 2021
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.11 before 14...
Moderate
Unreviewed
CVE-2021-39931
was published
Dec 14, 2021
In ic_startRetrieveEntryValue of acropora/app/identity/ic.c, there is a possible bypass of...
Moderate
Unreviewed
CVE-2021-39643
was published
Dec 16, 2021
In Telecomm, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2021-39778
was published
Mar 31, 2022
Windows Mobile Device Management Elevation of Privilege Vulnerability
Moderate
Unreviewed
CVE-2021-43880
was published
Dec 16, 2021
IBM SterlingPartner Engagement Manager 6.2.0 could allow a malicious user to elevate their...
Moderate
Unreviewed
CVE-2022-22328
was published
Apr 2, 2022
Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability....
Moderate
Unreviewed
CVE-2021-36293
was published
Apr 9, 2022
Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability....
Moderate
Unreviewed
CVE-2021-36290
was published
Apr 9, 2022
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)...
Moderate
Unreviewed
CVE-2022-20782
was published
Apr 7, 2022
StorageGRID (formerly StorageGRID Webscale) versions 11.5 prior to 11.5.0.5 are susceptible to a...
Moderate
Unreviewed
CVE-2021-27006
was published
Dec 24, 2021
Dell PowerScale OneFS, versions 8.2.0-9.3.0, contains an Improper Handling of Insufficient...
Moderate
Unreviewed
CVE-2022-23160
was published
Apr 13, 2022
Insufficient control flow management in the firmware for some Intel(R) Processors may allow a...
Moderate
Unreviewed
CVE-2021-0103
was published
Feb 11, 2022
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex...
Moderate
Unreviewed
CVE-2022-23702
was published
Apr 13, 2022
A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file...
Moderate
Unreviewed
CVE-2021-20208
was published
May 24, 2022
An issue was discovered in Delta RM 1.2. Using an privileged account, it is possible to edit,...
Moderate
Unreviewed
CVE-2021-44840
was published
Jan 19, 2022
An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions...
Moderate
Unreviewed
CVE-2020-12527
was published
May 24, 2022
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to priviledge escalation where a...
Moderate
Unreviewed
CVE-2021-29824
was published
Apr 23, 2022
SAP startservice - of SAP NetWeaver Application Server ABAP, Application Server Java, ABAP...
Moderate
Unreviewed
CVE-2022-29614
was published
Jun 15, 2022
In the NXP NFC firmware, there is a possible insecure firmware update due to a logic error. This...
Moderate
Unreviewed
CVE-2021-0462
was published
May 24, 2022
Privilege escalation vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11...
Moderate
Unreviewed
CVE-2020-7305
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API