GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,569
Composer 4,838
Erlang 36
GitHub Actions 33
Go 2,460
Maven 5,866
npm 4,082
NuGet 723
pip 3,872
Pub 12
RubyGems 943
Rust 1,010
Swift 39

Unreviewed advisories

All unreviewed 266,656

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,338 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed

CVE-2022-34891 was published Jul 19, 2022

Improper input validation vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote... Moderate Unreviewed

CVE-2022-27807 was published Jul 5, 2022

Operation restriction bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.5.1 allows a... Moderate Unreviewed

CVE-2022-26051 was published Jul 5, 2022

An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker... High Unreviewed

CVE-2021-38289 was published Jul 13, 2022

A privilege escalation vulnerability exists in Rocket.chat <v5 which made it possible to elevate... Moderate Unreviewed

CVE-2022-35250 was published Sep 25, 2022

An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat... Moderate Unreviewed

CVE-2022-1655 was published Jul 23, 2022

PingCentral versions prior to listed versions expose Spring Boot actuator endpoints that with... Moderate Unreviewed

CVE-2022-23726 was published Oct 1, 2022

Ovarro TBox proprietary Modbus file access functions allow attackers to read, alter, or delete... Critical Unreviewed

CVE-2021-22648 was published Jul 29, 2022

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without... Moderate Unreviewed

CVE-2020-1754 was published Aug 6, 2022

Ingenico Telium 2 POS Telium2 OS allow bypass of file-reading restrictions via the NTPT3 protocol... Low Unreviewed

CVE-2018-17766 was published May 24, 2022

An issue in the /config/config.php component of Indexhibit 2.1.5 allows attackers to arbitrarily... Moderate Unreviewed

CVE-2020-18127 was published May 24, 2022

Bytebase does not restrict low privilege user to access admin issues Moderate

CVE-2022-32169 was published for github.com/bytebase/bytebase (Go) Sep 29, 2022

In addOrUpdateNetwork of WifiServiceImpl.java, there is a possible way for a guest user to... High Unreviewed

CVE-2022-20398 was published Sep 14, 2022

CuppaCMS 1.0 is vulnerable to Remote Code Execution (RCE). An authenticated user can control both... High Unreviewed

CVE-2022-37190 was published Sep 14, 2022

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) uses the "... High Unreviewed

CVE-2021-42855 was published Mar 11, 2022

In the SEPolicy configuration of system apps, there is a possible access to the 'ip' utility due... Moderate Unreviewed

CVE-2022-20399 was published Sep 14, 2022

IBM CICS TX 11.1 could disclose sensitive information to a local user due to insecure permission... Low Unreviewed

CVE-2022-34314 was published Nov 15, 2022

An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open... High Unreviewed

CVE-2014-10402 was published May 17, 2022

JFrog Artifactory prior to version 7.28.0 and 6.23.38, is vulnerable to Broken Access Control,... Moderate Unreviewed

CVE-2021-41834 was published May 24, 2022

A Local Privilege Escalation in libqcocoa.dylib in Foxit Reader 3.1.0.0111 on macOS has been... High Unreviewed

CVE-2019-8342 was published May 24, 2022

Hasplm cookie in Gemalto Admin Control Center, all versions prior to 7.92, does not have ... Moderate Unreviewed

CVE-2019-8283 was published May 24, 2022

A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for macOS... High Unreviewed

CVE-2019-12577 was published May 24, 2022

Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master. Moderate Unreviewed

CVE-2022-4630 was published Dec 21, 2022

A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git... High Unreviewed

CVE-2022-38065 was published Dec 21, 2022

EXFO - BV-10 Performance Endpoint Unit misconfiguration. System configuration file has... Moderate Unreviewed

CVE-2022-39186 was published Jan 12, 2023

Previous 1 2 3 4 5 6 7 … 53 54 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,338 advisories