GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,306 advisories
Filter by severity
Windows Extensible Firmware Interface Security Feature Bypass Vulnerability.
Moderate
Unreviewed
CVE-2022-21899
was published
Jan 12, 2022
Secure Boot Security Feature Bypass Vulnerability.
Moderate
Unreviewed
CVE-2022-21894
was published
Jan 12, 2022
An issue was discovered in SysAid ITIL 20.4.74 b10. The /enduserreg endpoint is used to register...
Moderate
Unreviewed
CVE-2021-43974
was published
Jan 12, 2022
An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip...
Critical
Unreviewed
CVE-2021-28506
was published
Jan 15, 2022
An issue has recently been discovered in Arista EOS where, under certain conditions, the service...
High
Unreviewed
CVE-2021-28507
was published
Jan 15, 2022
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by...
High
Unreviewed
CVE-2021-28500
was published
Jan 15, 2022
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by...
High
Unreviewed
CVE-2021-28501
was published
Jan 15, 2022
An issue was discovered in Delta RM 1.2. The /risque/risque/workflow/reset endpoint is lacking...
Moderate
Unreviewed
CVE-2021-44836
was published
Jan 19, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under...
Moderate
Unreviewed
CVE-2022-0172
was published
Jan 19, 2022
Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived...
Moderate
Unreviewed
CVE-2021-37864
was published
Jan 19, 2022
AX3600 router sensitive information leaked.There is an unauthorized interface through luci to...
High
Unreviewed
CVE-2020-14110
was published
Jan 19, 2022
Allwinner R818 SoC Android Q SDK V1.0 is affected by an incorrect access control vulnerability...
High
Unreviewed
CVE-2021-38789
was published
Jan 20, 2022
A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services...
Critical
Unreviewed
CVE-2022-22167
was published
Jan 20, 2022
A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services...
Critical
Unreviewed
CVE-2022-22157
was published
Jan 20, 2022
IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could be vulnerable to unauthorized...
Critical
Unreviewed
CVE-2020-4877
was published
Jan 22, 2022
The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib...
High
Unreviewed
CVE-2021-24906
was published
Jan 25, 2022
The WP Post Page Clone WordPress plugin before 1.2 allows users with a role as low as Contributor...
Moderate
Unreviewed
CVE-2021-24733
was published
Jan 25, 2022
On BIG-IQ Centralized Management 8.x before 8.1.0, an authenticated administrative role user on a...
High
Unreviewed
CVE-2022-23009
was published
Jan 26, 2022
arm: guest_physmap_remove_page not removing the p2m mappings The functions to remove one or more...
High
Unreviewed
CVE-2022-23033
was published
Jan 26, 2022
Insufficient user authorization in Moodle
Moderate
CVE-2022-0334
was published
for
moodle/moodle
(Composer)
Jan 28, 2022
Insufficient user authorization in Moodle
Low
CVE-2022-0333
was published
for
moodle/moodle
(Composer)
Jan 28, 2022
A file disclosure vulnerability in the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET...
High
Unreviewed
CVE-2021-41608
was published
Jan 29, 2022
Incorrect Authorization in calibreweb
High
CVE-2022-0273
was published
for
calibreweb
(pip)
Jan 31, 2022
The LabTools WordPress plugin through 1.0 does not have proper authorisation and CSRF check in...
Moderate
Unreviewed
CVE-2021-25097
was published
Feb 2, 2022
Improper Input Validation in Apache Pulsar
Moderate
CVE-2021-41571
was published
for
org.apache.pulsar:pulsar
(Maven)
Feb 2, 2022
ProTip!
Advisories are also available from the
GraphQL API