Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,071
Erlang
29
GitHub Actions
19
Go
1,893
Maven
5,000+
npm
3,630
NuGet
638
pip
3,243
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

554 advisories

Loading
High severity vulnerability that affects mercurial High
CVE-2017-9462 was published for mercurial (pip) Jul 13, 2018
Doorkeeper subject to Incorrect Permission Assignment High
CVE-2018-1000211 was published for doorkeeper (RubyGems) Aug 13, 2018
'Root Service' service implemented in the following Yokogawa Electric products creates some named... High Unreviewed
CVE-2022-22148 was published Mar 12, 2022
The matchmaking servers of Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allow... High Unreviewed
CVE-2022-24125 was published Mar 21, 2022
BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue. High Unreviewed
CVE-2022-26281 was published Apr 6, 2022
Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated... High Unreviewed
CVE-2022-26250 was published Apr 7, 2022
ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default... High Unreviewed
CVE-2021-23244 was published Dec 28, 2021
The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system... High Unreviewed
CVE-2022-22516 was published Apr 8, 2022
controller/org.controller/org.controller.js in the CVE Services API 1.1.1 before... High Unreviewed
CVE-2021-46561 was published Feb 8, 2022
A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1... High Unreviewed
CVE-2022-23448 was published Apr 13, 2022
In multiple locations of MediaProvider.java , there is a possible way to get read/write access to... High Unreviewed
CVE-2021-39795 was published Apr 13, 2022
An issue was discovered in CALDERA 2.8.1. It does not properly segregate user privileges,... High Unreviewed
CVE-2021-42562 was published Jan 13, 2022
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code... High Unreviewed
CVE-2022-22958 was published Apr 14, 2022
Improper Access Control in Shopware High
CVE-2022-24872 was published for shopware/core (Composer) Apr 22, 2022
NilsEvers
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11... High Unreviewed
CVE-2021-20264 was published May 24, 2022
An exploitable local privilege elevation vulnerability exists in the file system permissions of... High Unreviewed
CVE-2018-4049 was published May 13, 2022
Incorrect Permission Assignment for Critical Resource in NPM High
CVE-2018-7408 was published for npm (npm) May 13, 2022
Sunnet eHRD has broken access control vulnerability, which allows a remote attacker to access... High Unreviewed
CVE-2021-43359 was published Dec 2, 2021
An exploitable local privilege escalation vulnerability exists in the privileged helper tool of... High Unreviewed
CVE-2018-4050 was published May 13, 2022
An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on... High Unreviewed
CVE-2018-4028 was published May 24, 2022
Mesa Labs AmegaView Versions 3.0 and prior has insecure file permissions that could be exploited... High Unreviewed
CVE-2021-27445 was published Dec 22, 2021
In various methods of WifiNetworkSuggestionsManager.java, there is a possible modification of... High Unreviewed
CVE-2021-0390 was published May 24, 2022
SonLogger before 6.4.1 is affected by user creation with any user permissions profile (e.g.,... High Unreviewed
CVE-2021-27963 was published May 24, 2022
Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor... High Unreviewed
CVE-2021-27962 was published May 24, 2022
Multiple files and folders in Utimaco SecurityServer 4.20.0.4 and 4.31.1.0. are installed with... High Unreviewed
CVE-2020-26155 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API