GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
883 advisories
A vulnerability in Cisco Webex Meetings for Android could allow an authenticated, remote attacker...
Moderate
Unreviewed
CVE-2021-1467 was published May 24, 2022
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows...
Moderate
Unreviewed
CVE-2022-30743 was published Jun 8, 2022
Operational restrictions bypass vulnerability in Scheduler and MultiReport of Cybozu Garoon 4.0.0...
Moderate
Unreviewed
CVE-2021-20768 was published May 24, 2022
A security vulnerability that can lead to local privilege escalation has been found in ’guix...
Moderate
Unreviewed
CVE-2021-27851 was published May 24, 2022
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows...
Moderate
Unreviewed
CVE-2022-30736 was published Jun 8, 2022
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows...
Moderate
Unreviewed
CVE-2022-30739 was published Jun 8, 2022
An issue was discovered in Zammad before 5.0.1. In some cases, there is improper enforcement of...
Moderate
Unreviewed
CVE-2021-42137 was published May 24, 2022
Each authenticated Orion Platform user in a MSP (Managed Service Provider) environment can view...
Moderate
Unreviewed
CVE-2021-35225 was published May 24, 2022
Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges to view...
Moderate
Unreviewed
CVE-2021-32483 was published May 24, 2022
Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability.
Moderate
Unreviewed
CVE-2022-30154 was published Jun 16, 2022
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)...
Moderate
Unreviewed
CVE-2022-20819 was published Jun 16, 2022
Nessus versions 8.15.2 and earlier were found to contain a local privilege escalation...
Moderate
Unreviewed
CVE-2021-20135 was published May 24, 2022
Marval MSM v14.19.0.12476 has an Improper Access Control vulnerability which allows a low...
Moderate
Unreviewed
CVE-2022-31884 was published Jun 29, 2022
A CWE-269: Improper Privilege Management vulnerability exists that could allow elevated...
Moderate
Unreviewed
CVE-2022-34754 was published Jul 14, 2022
A privilege chaining vulnerability [CWE-268] in FortiManager and FortiAnalyzer 6.0.x, 6.2.x, 6.4...
Moderate
Unreviewed
CVE-2022-26118 was published Jul 19, 2022
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to...
Moderate
Unreviewed
CVE-2022-20906 was published Jul 23, 2022
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to...
Moderate
Unreviewed
CVE-2022-20907 was published Jul 23, 2022
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could disclose sensitive information...
Moderate
Unreviewed
CVE-2022-34338 was published Aug 2, 2022
A missing user check in Nextcloud prior to 20.0.6 inadvertently populates a user's own...
Moderate
Unreviewed
CVE-2021-22877 was published May 24, 2022
Orbit Fox by ThemeIsle has a feature to add a registration form to both the Elementor and Beaver...
Moderate
Unreviewed
CVE-2021-24158 was published May 24, 2022
IBM i 7.4 users who have done a Restore User Profile (RSTUSRPRF) on a system which has been...
Moderate
Unreviewed
CVE-2019-4536 was published May 24, 2022
The Privilege Escalation vulnerability discovered in the WP Google Map WordPress plugin (versions...
Moderate
Unreviewed
CVE-2021-45729 was published Jan 26, 2022
Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11...
Moderate
Unreviewed
CVE-2020-8745 was published May 24, 2022
Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70...
Moderate
Unreviewed
CVE-2019-13702 was published May 24, 2022
WordPress before 5.3.1 allowed an unauthenticated user to make a post sticky through the REST API...
Moderate
Unreviewed
CVE-2019-20043 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API