GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,570
Composer 4,838
Erlang 36
GitHub Actions 33
Go 2,460
Maven 5,866
npm 4,082
NuGet 723
pip 3,873
Pub 12
RubyGems 943
Rust 1,010
Swift 39

Unreviewed advisories

All unreviewed 266,656

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,338 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

HashiCorp Vault Incorrect Permission Assignment for Critical Resource Critical

CVE-2021-43998 was published for github.com/hashicorp/vault (Go) Dec 2, 2021

Insecure permissions in OneBlog v2.3.4 allows low-level administrators to reset the passwords of... Moderate Unreviewed

CVE-2022-34012 was published Jun 24, 2022

A vulnerability has been identified in Xpedition Designer (All versions < VX.2.11). The affected... High Unreviewed

CVE-2022-31465 was published Jun 15, 2022

It was reported that watchman in openshift node-utils creates /var/run/watchman.pid and /var/log... Moderate Unreviewed

CVE-2014-0068 was published Jul 1, 2022

Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640... Moderate Unreviewed

CVE-2022-1596 was published Jun 22, 2022

An issue was discovered in TitanFTP (aka Titan FTP) NextGen before 1.2.1050. When installing,... High Unreviewed

CVE-2022-34006 was published Jun 20, 2022

In universal forwarder versions before 9.0, management services are available remotely by default... High Unreviewed

CVE-2022-32155 was published Jun 16, 2022

In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have... Moderate Unreviewed

CVE-2021-40649 was published Jun 15, 2022

Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local,... High Unreviewed

CVE-2022-28226 was published Jun 16, 2022

Tad Book3 editing book page does not perform identity verification. Remote attackers can use the... Critical Unreviewed

CVE-2021-41974 was published May 24, 2022

emlog v6.0.0 contains an arbitrary file deletion vulnerability in admin/plugin.php. Moderate Unreviewed

CVE-2020-21014 was published May 24, 2022

A permissions issue existed in DiskArbitration. This was addressed with additional ownership... High Unreviewed

CVE-2021-1784 was published May 24, 2022

In telephony, there is a possible information disclosure due to a missing permission check. This... Moderate Unreviewed

CVE-2022-21749 was published Jun 7, 2022

AVideo/YouPHPTube 10.0 and prior is affected by Insecure file write. An administrator privileged... High Unreviewed

CVE-2021-25877 was published May 24, 2022

A flaw was discovered in Continuous Delivery for Puppet Enterprise (CD4PE) that results in a user... High Unreviewed

CVE-2021-27024 was published May 24, 2022

In telephony, there is a possible information disclosure due to a missing permission check. This... Moderate Unreviewed

CVE-2022-21748 was published Jun 7, 2022

An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a... High Unreviewed

CVE-2022-30700 was published May 28, 2022

In SapphireIMS 5.0, it is possible to create local administrator on any client with credentials... High Unreviewed

CVE-2020-25564 was published May 24, 2022

Talk 4 in Coral before 4.12.1 allows remote attackers to discover e-mail addresses and other... High Unreviewed

CVE-2021-35970 was published May 24, 2022

An issue was discovered in MediaWiki before 1.31.13 and 1.32.x through 1.35.x before 1.35.2. When... Moderate Unreviewed

CVE-2021-30152 was published May 24, 2022

OpenIAM before 4.2.0.3 has Incorrect Access Control for the Create User, Modify User Permissions,... Critical Unreviewed

CVE-2020-13421 was published May 24, 2022

In archiveStoredConversation of MmsService.java, there is a possible way to archive message... High Unreviewed

CVE-2021-0539 was published May 24, 2022

Improper access control vulnerability in ELECOM LD-PS/U1 allows remote attackers to change the... High Unreviewed

CVE-2021-20643 was published May 24, 2022

In JetBrains Hub before 2020.1.12629, an authenticated user can delete 2FA settings of any other... Moderate Unreviewed

CVE-2021-25759 was published May 24, 2022

The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain... Moderate Unreviewed

CVE-2021-29951 was published May 24, 2022

Previous 1 2 … 49 50 51 52 53 54 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,338 advisories