GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,338 advisories
In addOrUpdateNetwork of WifiServiceImpl.java, there is a possible way for a guest user to...
CVE-2022-20398 was published Sep 14, 2022 (High, Unreviewed)

Bytebase does not restrict low privilege user to access admin issues
CVE-2022-32169 was published for github.com/bytebase/bytebase (Go) Sep 29, 2022 (Moderate)

An issue in the /config/config.php component of Indexhibit 2.1.5 allows attackers to arbitrarily...
CVE-2020-18127 was published May 24, 2022 (Moderate, Unreviewed)

Ingenico Telium 2 POS Telium2 OS allow bypass of file-reading restrictions via the NTPT3 protocol...
CVE-2018-17766 was published May 24, 2022 (Low, Unreviewed)

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without...
CVE-2020-1754 was published Aug 6, 2022 (Moderate, Unreviewed)

Ovarro TBox proprietary Modbus file access functions allow attackers to read, alter, or delete...
CVE-2021-22648 was published Jul 29, 2022 (Critical, Unreviewed)

PingCentral versions prior to listed versions expose Spring Boot actuator endpoints that with...
CVE-2022-23726 was published Oct 1, 2022 (Moderate, Unreviewed)

An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat...
CVE-2022-1655 was published Jul 23, 2022 (Moderate, Unreviewed)

A privilege escalation vulnerability exists in Rocket.chat <v5 which made it possible to elevate...
CVE-2022-35250 was published Sep 25, 2022 (Moderate, Unreviewed)

An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker...
CVE-2021-38289 was published Jul 13, 2022 (High, Unreviewed)

Improper input validation vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote...
CVE-2022-27807 was published Jul 5, 2022 (Moderate, Unreviewed)

Operation restriction bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.5.1 allows a...
CVE-2022-26051 was published Jul 5, 2022 (Moderate, Unreviewed)

This vulnerability allows local attackers to escalate privileges on affected installations of...
CVE-2022-34891 was published Jul 19, 2022 (High, Unreviewed)

On version 2.x before 2.0.3 and 1.x before 1.12.3, the command line restriction that controls...
CVE-2021-23055 was published Apr 22, 2022 (Moderate, Unreviewed)

Mini-Tmall v1.0 is vulnerable to Insecure Permissions via tomcat-embed-jasper.
CVE-2022-30929 was published Jul 7, 2022 (High, Unreviewed)

In Car Settings app, the NotificationAccessConfirmationActivity is exported. In...
CVE-2022-20234 was published Jul 14, 2022 (High, Unreviewed)

A vulnerability exists in Online Student Rate System v1.0 that allows any user to register as an...
CVE-2021-39409 was published Jun 25, 2022 (Critical, Unreviewed)

Operation restriction bypass vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a...
CVE-2022-26054 was published Jul 5, 2022 (Moderate, Unreviewed)

Improper input validation vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.5.1 allows a...
CVE-2022-28692 was published Jul 5, 2022 (Moderate, Unreviewed)

Browse restriction bypass and operation restriction bypass vulnerability in Cabinet of Cybozu...
CVE-2022-26368 was published Jul 5, 2022 (Moderate, Unreviewed)

Privilege escalation in Nagios XI before 5.5.11 allows local attackers to elevate privileges to...
CVE-2019-9166 was published May 13, 2022 (High, Unreviewed)

Improper access control in the runner jobs API in GitLab CE/EE affecting all versions prior to 14...
CVE-2022-2227 was published Jul 2, 2022 (Moderate, Unreviewed)

Use of improper permission in InputManagerService prior to SMR Jul-2022 Release 1 allows...
CVE-2022-33695 was published Jul 13, 2022 (High, Unreviewed)

In Nagios XI through 5.8.5, a read-only Nagios user (due to an incorrect permission check) is...
CVE-2022-29271 was published Jun 30, 2022 (Moderate, Unreviewed)

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a creation of folders in read-only folders...
CVE-2017-0884 was published May 13, 2022 (Moderate, Unreviewed)

ProTip! Advisories are also available from the GraphQL API