GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,172 advisories
SimpleMachinesForum 2.1.1 and earlier allows remote authenticated administrators to execute...
High | Unreviewed | CVE-2022-26982 was published Apr 6, 2022

In RuoYi v4.7.2 through the WebUI, user test1 does not have permission to reset the password of...
Moderate | Unreviewed | CVE-2022-23869 was published Mar 31, 2022

Missing permission check in Jenkins JiraTestResultReporter Plugin
Moderate | CVE-2022-28137 was published for org.jenkins-ci.plugins:JiraTestResultReporter (Maven) Mar 30, 2022

An insecure permissions vulnerability in Snapt Aria v12.8 allows unauthenticated attackers to...
Low | Unreviewed | CVE-2022-24236 was published Mar 22, 2022

The matchmaking servers of Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allow...
High | Unreviewed | CVE-2022-24125 was published Mar 21, 2022

TMS v2.28.0 contains an insecure permissions vulnerability via the component /TMS/admin/user...
Moderate | Unreviewed | CVE-2022-26247 was published Mar 21, 2022

A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4,...
Moderate | Unreviewed | CVE-2020-15388 was published Mar 19, 2022

Description: A permissions issue was addressed with improved validation. This issue is fixed in...
Low | Unreviewed | CVE-2022-22599 was published Mar 19, 2022

Whale Bridge, a default extension in Whale browser before 3.12.129.18, allowed to receive any...
Critical | Unreviewed | CVE-2022-24074 was published Mar 18, 2022

A Improper Privilege Management vulnerability in the sudoers configuration in cscreen of openSUSE...
High | Unreviewed | CVE-2022-21946 was published Mar 17, 2022

'Root Service' service implemented in the following Yokogawa Electric products creates some named...
High | Unreviewed | CVE-2022-22148 was published Mar 12, 2022

NVIDIA distributions of Jetson Linux contain a vulnerability where an error in the IOMMU...
High | Unreviewed | CVE-2022-21819 was published Mar 12, 2022

Ericsson Network Manager 20.2 has Insecure Permissions.
Moderate | Unreviewed | CVE-2021-28488 was published Mar 11, 2022

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) uses the "...
High | Unreviewed | CVE-2021-42855 was published Mar 11, 2022

Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling...
High | Unreviewed | CVE-2021-4199 was published Mar 8, 2022

A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels...
Moderate | Unreviewed | CVE-2021-3631 was published Mar 4, 2022

An issue was discovered in the web application in Cherwell Service Management (CSM) 10.2.3. The...
Moderate | Unreviewed | CVE-2022-26157 was published Mar 1, 2022

The Job Composer app in Ohio Supercomputer Center Open OnDemand before 1.7.19 and 1.8.x before 1...
Moderate | Unreviewed | CVE-2020-27958 was published Feb 27, 2022

An issue exists in Fuchsia where VMO data can be modified through access to copy-on-write...
Moderate | Unreviewed | CVE-2022-0247 was published Feb 26, 2022

In JetBrains Hub before 2021.1.13890, integration with JetBrains Account exposed an API key with...
High | Unreviewed | CVE-2022-24327 was published Feb 26, 2022

WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged...
Moderate | Unreviewed | CVE-2022-25363 was published Feb 25, 2022

A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support...
High | Unreviewed | CVE-2020-25718 was published Feb 19, 2022

RigoBlock Dragos through 2022-02-17 lacks the onlyOwner modifier for setMultipleAllowances. This...
High | Unreviewed | CVE-2022-25335 was published Feb 19, 2022

A flaw was found in argocd. Any unprivileged user is able to deploy argocd in their namespace and...
Moderate | Unreviewed | CVE-2021-3557 was published Feb 17, 2022