GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
889 advisories
Filter by severity
Improper Privilege Management in shelljs
Moderate
GHSA-64g7-mvw6-v9qj
was published
for
shelljs
(npm)
Jan 14, 2022
katello Improper Privilege Management vulnerability
Moderate
CVE-2017-2662
was published
for
katello
(RubyGems)
May 13, 2022
In preloader (usb), there is a possible permission bypass due to a missing proper image...
Moderate
Unreviewed
CVE-2022-20060
was published
Mar 11, 2022
In ims service, there is a possible unexpected application behavior due to incorrect privilege...
Moderate
Unreviewed
CVE-2022-20051
was published
Mar 11, 2022
In vpu, there is a possible escalation of privilege due to a missing permission check. This could...
Moderate
Unreviewed
CVE-2022-20049
was published
Mar 11, 2022
Ericsson Network Manager 20.2 has Insecure Permissions.
Moderate
Unreviewed
CVE-2021-28488
was published
Mar 11, 2022
One of the API in Mattermost version 6.3.0 and earlier fails to properly protect the permissions,...
Moderate
Unreviewed
CVE-2022-1003
was published
Mar 19, 2022
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5...
Moderate
Unreviewed
CVE-2021-38926
was published
Dec 10, 2021
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.11 before 14...
Moderate
Unreviewed
CVE-2021-39931
was published
Dec 14, 2021
In ic_startRetrieveEntryValue of acropora/app/identity/ic.c, there is a possible bypass of...
Moderate
Unreviewed
CVE-2021-39643
was published
Dec 16, 2021
In Telecomm, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2021-39778
was published
Mar 31, 2022
Windows Mobile Device Management Elevation of Privilege Vulnerability
Moderate
Unreviewed
CVE-2021-43880
was published
Dec 16, 2021
IBM SterlingPartner Engagement Manager 6.2.0 could allow a malicious user to elevate their...
Moderate
Unreviewed
CVE-2022-22328
was published
Apr 2, 2022
Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability....
Moderate
Unreviewed
CVE-2021-36293
was published
Apr 9, 2022
Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability....
Moderate
Unreviewed
CVE-2021-36290
was published
Apr 9, 2022
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)...
Moderate
Unreviewed
CVE-2022-20782
was published
Apr 7, 2022
StorageGRID (formerly StorageGRID Webscale) versions 11.5 prior to 11.5.0.5 are susceptible to a...
Moderate
Unreviewed
CVE-2021-27006
was published
Dec 24, 2021
Dell PowerScale OneFS, versions 8.2.0-9.3.0, contains an Improper Handling of Insufficient...
Moderate
Unreviewed
CVE-2022-23160
was published
Apr 13, 2022
Insufficient control flow management in the firmware for some Intel(R) Processors may allow a...
Moderate
Unreviewed
CVE-2021-0103
was published
Feb 11, 2022
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex...
Moderate
Unreviewed
CVE-2022-23702
was published
Apr 13, 2022
A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file...
Moderate
Unreviewed
CVE-2021-20208
was published
May 24, 2022
An issue was discovered in Delta RM 1.2. Using an privileged account, it is possible to edit,...
Moderate
Unreviewed
CVE-2021-44840
was published
Jan 19, 2022
An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions...
Moderate
Unreviewed
CVE-2020-12527
was published
May 24, 2022
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to priviledge escalation where a...
Moderate
Unreviewed
CVE-2021-29824
was published
Apr 23, 2022
SAP startservice - of SAP NetWeaver Application Server ABAP, Application Server Java, ABAP...
Moderate
Unreviewed
CVE-2022-29614
was published
Jun 15, 2022
ProTip!
Advisories are also available from the
GraphQL API