GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,731
NuGet
662
pip
3,407
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
869 advisories
Filter by severity
Adobe Creative Cloud version 5.5 (and earlier) are affected by a privilege escalation...
High
Unreviewed
CVE-2021-43019
was published
Nov 24, 2021
Insulet Omnipod Insulin Management System insulin pump product ID 19191 and 40160 is designed to...
High
Unreviewed
CVE-2020-10627
was published
Dec 2, 2021
peertube is vulnerable to Improper Access Control
High
Unreviewed
CVE-2022-0133
was published
Jan 11, 2022
The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib...
High
Unreviewed
CVE-2021-24906
was published
Jan 25, 2022
Prior to v0.6.1, bored-agent failed to sanitize incoming kubernetes impersonation headers...
High
Unreviewed
CVE-2022-0270
was published
Jan 26, 2022
The IP2Location Country Blocker WordPress plugin before 2.26.5 does not have authorisation and...
High
Unreviewed
CVE-2021-25095
was published
Feb 8, 2022
An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111...
High
Unreviewed
CVE-2022-21825
was published
Feb 11, 2022
The backend infrastructure shared by multiple mobile device monitoring services does not...
High
Unreviewed
CVE-2022-0732
was published
Feb 25, 2022
Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990.
High
Unreviewed
CVE-2022-0824
was published
Mar 3, 2022
The Download Manager WordPress plugin before 3.2.35 does not have any authorisation checks in...
High
Unreviewed
CVE-2021-25087
was published
Mar 8, 2022
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23...
High
Unreviewed
CVE-2022-24309
was published
Mar 9, 2022
Improper access control vulnerability in McAfee WebAdvisor Chrome and Edge browser extensions up...
High
Unreviewed
CVE-2022-0815
was published
Mar 12, 2022
The Advanced Contact form 7 DB WordPress plugin before 1.8.7 does not have authorisation nor CSRF...
High
Unreviewed
CVE-2021-24905
was published
Mar 22, 2022
A vulnerability in the Common Execution Environment (CEE) ConfD CLI of Cisco Ultra Cloud Core -...
High
Unreviewed
CVE-2022-20762
was published
Apr 7, 2022
Improper access control vulnerability in FactoryCamera prior to version 2.1.96 allows attacker to...
High
Unreviewed
CVE-2022-27838
was published
Apr 12, 2022
ZeroTierOne for windows local privilege escalation because of incorrect directory privilege in...
High
Unreviewed
CVE-2022-1316
was published
Apr 12, 2022
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V,...
High
Unreviewed
CVE-2022-25755
was published
Apr 13, 2022
An Improper Access Control vulnerability in the Juniper Networks Paragon Active Assurance Control...
High
Unreviewed
CVE-2022-22190
was published
Apr 15, 2022
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker...
High
Unreviewed
CVE-2022-20716
was published
Apr 16, 2022
The setup program for the affected product configures its files and folders with full access,...
High
Unreviewed
CVE-2021-43986
was published
Apr 21, 2022
Buffer overflow in SpoonFTP 1.0.0.12 allows remote attackers to execute arbitrary code via a long...
High
Unreviewed
CVE-2001-0781
was published
Apr 30, 2022
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.5 does not properly read the...
High
Unreviewed
CVE-2009-2092
was published
May 2, 2022
Absolute Computrace Agent V80.845 and V80.866 does not have a digital signature for the...
High
Unreviewed
CVE-2009-5150
was published
May 2, 2022
The stub component of Absolute Computrace Agent V70.785 executes code from a disk's inter...
High
Unreviewed
CVE-2009-5151
was published
May 2, 2022
A privilege escalation vulnerability exists in the router configuration import functionality of...
High
Unreviewed
CVE-2022-21182
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API