Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,876
Erlang
37
GitHub Actions
36
Go
2,521
Maven
5,000+
npm
4,167
NuGet
741
pip
3,963
Pub
12
RubyGems
946
Rust
1,028
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,794 advisories

Loading
Improper Access Control in GitHub repository chocobozzz/peertube prior to 4.1.0. Moderate Unreviewed
CVE-2022-0727 was published Feb 24, 2022
Improper Authorization in GitHub repository chocobozzz/peertube prior to 4.1.0. Moderate Unreviewed
CVE-2022-0726 was published Feb 24, 2022
Improper Authorization in dolibarr/dolibarr Moderate
CVE-2022-0731 was published for dolibarr/dolibarr (Composer) Feb 24, 2022
Incorrect Authorization in runc High
CVE-2019-16884 was published for github.com/opencontainers/runc (Go) Feb 22, 2022
The Coming soon and Maintenance mode WordPress plugin before 3.6.8 does not have authorisation... Moderate Unreviewed
CVE-2022-0164 was published Feb 22, 2022
An issue was discovered in Cerebrate through 1.4. An incorrect sharing group ACL allowed an... Moderate Unreviewed
CVE-2022-25318 was published Feb 19, 2022
Multiple flaws were found in the way samba AD DC implemented access and conformance checking of... High Unreviewed
CVE-2020-25722 was published Feb 19, 2022
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C... Critical Unreviewed
CVE-2022-21141 was published Feb 19, 2022
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C... Critical Unreviewed
CVE-2022-21196 was published Feb 19, 2022
Incorrect authorization in Drupal core Moderate
CVE-2022-25270 was published for drupal/core (Composer) Feb 18, 2022
The UpdraftPlus WordPress plugin Free before 1.22.3 and Premium before 2.22.3 do not properly... Moderate Unreviewed
CVE-2022-0633 was published Feb 18, 2022
VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd... High Unreviewed
CVE-2021-22042 was published Feb 17, 2022
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests... High Unreviewed
CVE-2021-3560 was published Feb 17, 2022
Improper Access Control in librenms High
CVE-2022-0580 was published for librenms/librenms (Composer) Feb 16, 2022
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated... Moderate Unreviewed
CVE-2021-43948 was published Feb 16, 2022
Reject unauthorized access with GitHub PATs High
CVE-2021-21432 was published for github.com/go-vela/server (Go) Feb 15, 2022
JordanSussman
Duplicate Advisory: Incorrect Access Control in github.com/nats-io/jwt and github.com/nats-io/nats-server/v2 High
GHSA-9r5x-fjv3-q6h4 was published for github.com/nats-io/jwt (Go) Feb 15, 2022 withdrawn
Incorrect Authorization in PostgreSQL Moderate Unreviewed
CVE-2021-20229 was published Feb 15, 2022
Incorrect Authorization in WildFly Elytron High
CVE-2020-1748 was published for org.wildfly.security:wildfly-elytron (Maven) Feb 15, 2022
nats-io/jwt not enforcing checking of Import token permissions Critical
CVE-2021-3127 was published for github.com/nats-io/jwt (Go) Feb 15, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.99 allowed a remote... Moderate Unreviewed
CVE-2022-0309 was published Feb 15, 2022
Inappropriate implementation in Service Worker API in Google Chrome prior to 97.0.4692.99 allowed... Moderate Unreviewed
CVE-2022-0305 was published Feb 15, 2022
Kiteworks MFT 7.5 may allow an unauthorized user to reset other users' passwords. This is fixed... Moderate Unreviewed
CVE-2022-24110 was published Feb 15, 2022
antd-admin 5.5.0 is affected by an incorrect access control vulnerability. Unauthorized access to... High Unreviewed
CVE-2021-46371 was published Feb 15, 2022
Sangoma Technologies Corporation Switchvox Version 102409 is affected by an information... Moderate Unreviewed
CVE-2021-45310 was published Feb 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database