Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,330
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

241 advisories

Loading
An Improper Access Control Vulnerability in the SMA100 series leads to multiple restricted... High Unreviewed
CVE-2021-20050 was published Dec 24, 2021
There is an unauthorized access vulnerability in system components. Successful exploitation of... High Unreviewed
CVE-2021-40051 was published Mar 11, 2022
Improper access control vulnerability in McAfee WebAdvisor Chrome and Edge browser extensions up... High Unreviewed
CVE-2022-0815 was published Mar 12, 2022
An information disclosure issue was addressed with improved state management. This issue is fixed... High Unreviewed
CVE-2022-22579 was published Mar 19, 2022
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control. High Unreviewed
CVE-2022-23345 was published Mar 22, 2022
Piwigo v12.2.0 was discovered to contain an information leak via the action parameter in /admin... High Unreviewed
CVE-2022-26267 was published Mar 20, 2022
IBM SterlingPartner Engagement Manager 6.2.0 could allow a remote authenticated attacker to... High Unreviewed
CVE-2022-22331 was published Apr 2, 2022
A remote, unauthenticated attacker could utilize the control programmer of the CODESYS Control... High Unreviewed
CVE-2022-22515 was published Apr 8, 2022
MyHuawei-App has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability... High Unreviewed
CVE-2021-39972 was published Jan 4, 2022
Improper access control while doing XPU re-configuration dynamically can lead to unauthorized... High Unreviewed
CVE-2021-30276 was published Jan 4, 2022
BeyondTrust AppGuard Enterprise through 6.6.20.2 creates a Temporary File in a Directory with... High Unreviewed
CVE-2021-42255 was published Apr 13, 2022
Dell PowerScale OneFS 8.2.2 and above contain an elevation of privilege vulnerability. A local... High Unreviewed
CVE-2022-24411 was published Apr 13, 2022
A PHP Local File Inclusion vulneraility in the default Redbasic theme for Hubzilla before version... High Unreviewed
CVE-2022-27257 was published Apr 16, 2022
Verizon LVSKIHP 5G outside devices through 2022-02-15 allow anyone (knowing the device's serial... High Unreviewed
CVE-2022-28376 was published Apr 4, 2022
In startIpClient of ClientModeImpl.java, there is a possible identifier which could be used to... High Unreviewed
CVE-2021-0466 was published May 24, 2022
Istio before 1.9.6 and 1.10.x before 1.10.2 has Incorrect Access Control. High Unreviewed
CVE-2021-34824 was published May 24, 2022
muc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers to obtain sensitive... High Unreviewed
CVE-2021-37601 was published May 24, 2022
In cPanel before 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files (SEC... High Unreviewed
CVE-2021-38587 was published May 24, 2022
Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended Control Sphere because... High Unreviewed
CVE-2020-28012 was published May 24, 2022
An information disclosure vulnerability in GitLab EE versions 13.11 and later allowed a project... High Unreviewed
CVE-2021-22215 was published May 24, 2022
There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of... High Unreviewed
CVE-2021-22446 was published May 24, 2022
NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability where, if a user... High Unreviewed
CVE-2021-1073 was published May 24, 2022
Incorrect Access Control in Zammad 1.0.x up to 4.0.0 allows attackers to obtain sensitive... High Unreviewed
CVE-2021-35299 was published May 24, 2022
LINE client for iOS before 11.15.0 might expose authentication information for a certain service... High Unreviewed
CVE-2021-41011 was published May 24, 2022
An exploitable local privilege elevation vulnerability exists in the file system permissions of... High Unreviewed
CVE-2018-4048 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database