Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

864 advisories

Loading
Adobe Creative Cloud version 5.5 (and earlier) are affected by a privilege escalation... High Unreviewed
CVE-2021-43019 was published Nov 24, 2021
Insulet Omnipod Insulin Management System insulin pump product ID 19191 and 40160 is designed to... High Unreviewed
CVE-2020-10627 was published Dec 2, 2021
peertube is vulnerable to Improper Access Control High Unreviewed
CVE-2022-0133 was published Jan 11, 2022
The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib... High Unreviewed
CVE-2021-24906 was published Jan 25, 2022
Prior to v0.6.1, bored-agent failed to sanitize incoming kubernetes impersonation headers... High Unreviewed
CVE-2022-0270 was published Jan 26, 2022
The IP2Location Country Blocker WordPress plugin before 2.26.5 does not have authorisation and... High Unreviewed
CVE-2021-25095 was published Feb 8, 2022
An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111... High Unreviewed
CVE-2022-21825 was published Feb 11, 2022
The backend infrastructure shared by multiple mobile device monitoring services does not... High Unreviewed
CVE-2022-0732 was published Feb 25, 2022
Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990. High Unreviewed
CVE-2022-0824 was published Mar 3, 2022
The Download Manager WordPress plugin before 3.2.35 does not have any authorisation checks in... High Unreviewed
CVE-2021-25087 was published Mar 8, 2022
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23... High Unreviewed
CVE-2022-24309 was published Mar 9, 2022
Improper access control vulnerability in McAfee WebAdvisor Chrome and Edge browser extensions up... High Unreviewed
CVE-2022-0815 was published Mar 12, 2022
The Advanced Contact form 7 DB WordPress plugin before 1.8.7 does not have authorisation nor CSRF... High Unreviewed
CVE-2021-24905 was published Mar 22, 2022
A vulnerability in the Common Execution Environment (CEE) ConfD CLI of Cisco Ultra Cloud Core -... High Unreviewed
CVE-2022-20762 was published Apr 7, 2022
Improper access control vulnerability in FactoryCamera prior to version 2.1.96 allows attacker to... High Unreviewed
CVE-2022-27838 was published Apr 12, 2022
ZeroTierOne for windows local privilege escalation because of incorrect directory privilege in... High Unreviewed
CVE-2022-1316 was published Apr 12, 2022
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V,... High Unreviewed
CVE-2022-25755 was published Apr 13, 2022
An Improper Access Control vulnerability in the Juniper Networks Paragon Active Assurance Control... High Unreviewed
CVE-2022-22190 was published Apr 15, 2022
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker... High Unreviewed
CVE-2022-20716 was published Apr 16, 2022
The setup program for the affected product configures its files and folders with full access,... High Unreviewed
CVE-2021-43986 was published Apr 21, 2022
Buffer overflow in SpoonFTP 1.0.0.12 allows remote attackers to execute arbitrary code via a long... High Unreviewed
CVE-2001-0781 was published Apr 30, 2022
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.5 does not properly read the... High Unreviewed
CVE-2009-2092 was published May 2, 2022
Absolute Computrace Agent V80.845 and V80.866 does not have a digital signature for the... High Unreviewed
CVE-2009-5150 was published May 2, 2022
The stub component of Absolute Computrace Agent V70.785 executes code from a disk's inter... High Unreviewed
CVE-2009-5151 was published May 2, 2022
A privilege escalation vulnerability exists in the router configuration import functionality of... High Unreviewed
CVE-2022-21182 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database