GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
583 advisories
Filter by severity
Doorkeeper subject to Incorrect Permission Assignment
High
CVE-2018-1000211
was published
for
doorkeeper
(RubyGems)
Aug 13, 2018
'Root Service' service implemented in the following Yokogawa Electric products creates some named...
High
Unreviewed
CVE-2022-22148
was published
Mar 12, 2022
The matchmaking servers of Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allow...
High
Unreviewed
CVE-2022-24125
was published
Mar 21, 2022
BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue.
High
Unreviewed
CVE-2022-26281
was published
Apr 6, 2022
Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated...
High
Unreviewed
CVE-2022-26250
was published
Apr 7, 2022
ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default...
High
Unreviewed
CVE-2021-23244
was published
Dec 28, 2021
The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system...
High
Unreviewed
CVE-2022-22516
was published
Apr 8, 2022
controller/org.controller/org.controller.js in the CVE Services API 1.1.1 before...
High
Unreviewed
CVE-2021-46561
was published
Feb 8, 2022
A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1...
High
Unreviewed
CVE-2022-23448
was published
Apr 13, 2022
In multiple locations of MediaProvider.java , there is a possible way to get read/write access to...
High
Unreviewed
CVE-2021-39795
was published
Apr 13, 2022
An issue was discovered in CALDERA 2.8.1. It does not properly segregate user privileges,...
High
Unreviewed
CVE-2021-42562
was published
Jan 13, 2022
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code...
High
Unreviewed
CVE-2022-22958
was published
Apr 14, 2022
Improper Access Control in Shopware
High
CVE-2022-24872
was published
for
shopware/core
(Composer)
Apr 22, 2022
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11...
High
Unreviewed
CVE-2021-20264
was published
May 24, 2022
An exploitable local privilege elevation vulnerability exists in the file system permissions of...
High
Unreviewed
CVE-2018-4049
was published
May 13, 2022
Incorrect Permission Assignment for Critical Resource in NPM
High
CVE-2018-7408
was published
for
npm
(npm)
May 13, 2022
An exploitable local privilege escalation vulnerability exists in the privileged helper tool of...
High
Unreviewed
CVE-2018-4050
was published
May 13, 2022
Sunnet eHRD has broken access control vulnerability, which allows a remote attacker to access...
High
Unreviewed
CVE-2021-43359
was published
Dec 2, 2021
An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on...
High
Unreviewed
CVE-2018-4028
was published
May 24, 2022
Mesa Labs AmegaView Versions 3.0 and prior has insecure file permissions that could be exploited...
High
Unreviewed
CVE-2021-27445
was published
Dec 22, 2021
In various methods of WifiNetworkSuggestionsManager.java, there is a possible modification of...
High
Unreviewed
CVE-2021-0390
was published
May 24, 2022
SonLogger before 6.4.1 is affected by user creation with any user permissions profile (e.g.,...
High
Unreviewed
CVE-2021-27963
was published
May 24, 2022
Multiple files and folders in Utimaco SecurityServer 4.20.0.4 and 4.31.1.0. are installed with...
High
Unreviewed
CVE-2020-26155
was published
May 24, 2022
Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor...
High
Unreviewed
CVE-2021-27962
was published
May 24, 2022
IBM Security Identity Manager 7.0.2 could allow an authenticated user to bypass security and...
High
Unreviewed
CVE-2021-29686
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API