GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,205
Erlang: 31
GitHub Actions: 19
Go: 1,986
Maven: 5,000+
npm: 3,703
NuGet: 661
pip: 3,329
Pub: 11
RubyGems: 884
Rust: 843
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
984 advisories
An issue was discovered in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition exists during the...
Moderate | Unreviewed | CVE-2022-25165 was published Apr 15, 2022
A PHP Local File Inclusion vulnerability in the default Redbasic theme for Hubzilla before version...
High | Unreviewed | CVE-2022-27257 was published Apr 16, 2022
Exposure of Resource to Wrong Sphere in Simple-Wayland-HotKey-Daemon
Moderate | CVE-2022-27817 was published for Simple-Wayland-HotKey-Daemon (Rust) Apr 15, 2022
Exposure of Resource to Wrong Sphere in Simple-Wayland-HotKey-Daemon
Low | CVE-2022-27814 was published for Simple-Wayland-HotKey-Daemon (Rust) Apr 15, 2022
In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to a missing...
Moderate | Unreviewed | CVE-2021-39805 was published Apr 13, 2022
Improper Control of a Resource Through its Lifetime in Mattermost
Moderate | CVE-2022-1385 was published for github.com/mattermost/mattermost-server/v6 (Go) Apr 20, 2022
Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user...
Moderate | Unreviewed | CVE-2008-2544 was published Apr 21, 2022
An Access Control vulnerability exists in Desire2Learn/D2L Learning Management System (LMS) 20.21...
Moderate | Unreviewed | CVE-2021-43129 was published Apr 20, 2022
In Weidmüller u-controls and IoT-Gateways in versions up to 1.12.1 a network port intended only...
Critical | Unreviewed | CVE-2021-20999 was published May 24, 2022
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 could allow a remote attacker to obtain...
Moderate | Unreviewed | CVE-2021-38904 was published Apr 23, 2022
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 could allow an authenticated user to view report...
Moderate | Unreviewed | CVE-2021-38905 was published Apr 23, 2022
CSRF token exposure in TYPO3 extension
Moderate | CVE-2021-36793 was published for lms/routes (Composer) Sep 2, 2021
Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view domain...
Moderate | Unreviewed | CVE-2022-26653 was published Apr 17, 2022
Verizon LVSKIHP 5G outside devices through 2022-02-15 allow anyone (knowing the device's serial...
High | Unreviewed | CVE-2022-28376 was published Apr 4, 2022
In the KeepKey firmware before 7.3.2, the bootloader can be exploited in unusual situations in...
Moderate | Unreviewed | CVE-2022-30330 was published May 8, 2022
A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could...
Moderate | Unreviewed | CVE-2021-1423 was published May 24, 2022
Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view license details.
Moderate | Unreviewed | CVE-2022-26777 was published Apr 17, 2022
Atlassian Confluence Server and Data Center before version 6.13.1 allows an authenticated user to...
Moderate | Unreviewed | CVE-2018-20237 was published May 13, 2022
Information leakage occurs when a website reveals information that could aid an attacker to...
Moderate | Unreviewed | CVE-2021-27769 was published May 13, 2022
Windows OS can be configured to overlay a “language bar” on top of any application. When this OS...
Critical | Unreviewed | CVE-2022-1467 was published May 24, 2022
Avdor CIS - crystal quality Credentials Management Errors. The product is phone call recorder,...
Moderate | Unreviewed | CVE-2022-36780 was published Sep 14, 2022
controllers/admin.js in Total.js CMS 13 allows remote attackers to execute arbitrary code via a...
Moderate | Unreviewed | CVE-2020-9381 was published May 24, 2022
This issue was addressed with a new entitlement. This issue is fixed in iOS 13.4 and iPadOS 13.4,...
Moderate | Unreviewed | CVE-2020-3917 was published May 24, 2022
The issue was addressed with improved deletion. This issue is fixed in iOS 13.4 and iPadOS 13.4....
Moderate | Unreviewed | CVE-2020-3890 was published May 24, 2022
An issue was discovered in Joomla! 3.0.0 through 3.9.24. Incorrect ACL checks could allow...
Moderate | Unreviewed | CVE-2021-26027 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API