Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

883 advisories

Loading
A vulnerability in Cisco Webex Meetings for Android could allow an authenticated, remote attacker... Moderate Unreviewed
CVE-2021-1467 was published May 24, 2022
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows... Moderate Unreviewed
CVE-2022-30743 was published Jun 8, 2022
Operational restrictions bypass vulnerability in Scheduler and MultiReport of Cybozu Garoon 4.0.0... Moderate Unreviewed
CVE-2021-20768 was published May 24, 2022
A security vulnerability that can lead to local privilege escalation has been found in ’guix... Moderate Unreviewed
CVE-2021-27851 was published May 24, 2022
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows... Moderate Unreviewed
CVE-2022-30736 was published Jun 8, 2022
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows... Moderate Unreviewed
CVE-2022-30739 was published Jun 8, 2022
An issue was discovered in Zammad before 5.0.1. In some cases, there is improper enforcement of... Moderate Unreviewed
CVE-2021-42137 was published May 24, 2022
Each authenticated Orion Platform user in a MSP (Managed Service Provider) environment can view... Moderate Unreviewed
CVE-2021-35225 was published May 24, 2022
Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges to view... Moderate Unreviewed
CVE-2021-32483 was published May 24, 2022
Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability. Moderate Unreviewed
CVE-2022-30154 was published Jun 16, 2022
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed
CVE-2022-20819 was published Jun 16, 2022
Nessus versions 8.15.2 and earlier were found to contain a local privilege escalation... Moderate Unreviewed
CVE-2021-20135 was published May 24, 2022
Marval MSM v14.19.0.12476 has an Improper Access Control vulnerability which allows a low... Moderate Unreviewed
CVE-2022-31884 was published Jun 29, 2022
A CWE-269: Improper Privilege Management vulnerability exists that could allow elevated... Moderate Unreviewed
CVE-2022-34754 was published Jul 14, 2022
A privilege chaining vulnerability [CWE-268] in FortiManager and FortiAnalyzer 6.0.x, 6.2.x, 6.4... Moderate Unreviewed
CVE-2022-26118 was published Jul 19, 2022
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to... Moderate Unreviewed
CVE-2022-20906 was published Jul 23, 2022
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to... Moderate Unreviewed
CVE-2022-20907 was published Jul 23, 2022
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could disclose sensitive information... Moderate Unreviewed
CVE-2022-34338 was published Aug 2, 2022
A missing user check in Nextcloud prior to 20.0.6 inadvertently populates a user's own... Moderate Unreviewed
CVE-2021-22877 was published May 24, 2022
Orbit Fox by ThemeIsle has a feature to add a registration form to both the Elementor and Beaver... Moderate Unreviewed
CVE-2021-24158 was published May 24, 2022
IBM i 7.4 users who have done a Restore User Profile (RSTUSRPRF) on a system which has been... Moderate Unreviewed
CVE-2019-4536 was published May 24, 2022
The Privilege Escalation vulnerability discovered in the WP Google Map WordPress plugin (versions... Moderate Unreviewed
CVE-2021-45729 was published Jan 26, 2022
Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11... Moderate Unreviewed
CVE-2020-8745 was published May 24, 2022
Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70... Moderate Unreviewed
CVE-2019-13702 was published May 24, 2022
WordPress before 5.3.1 allowed an unauthenticated user to make a post sticky through the REST API... Moderate Unreviewed
CVE-2019-20043 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database