GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
839 advisories
Filter by severity
An Improper Access Control Vulnerability in the SMA100 series leads to multiple restricted...
High
Unreviewed
CVE-2021-20050
was published
Dec 24, 2021
There is an unauthorized access vulnerability in system components. Successful exploitation of...
High
Unreviewed
CVE-2021-40051
was published
Mar 11, 2022
Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially...
Moderate
Unreviewed
CVE-2021-26341
was published
Mar 12, 2022
Improper access control vulnerability in McAfee WebAdvisor Chrome and Edge browser extensions up...
High
Unreviewed
CVE-2022-0815
was published
Mar 12, 2022
IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 and IBM Rational Team Concert 6.0.6 and...
Moderate
Unreviewed
CVE-2020-4989
was published
Mar 16, 2022
The /rest-service-fecru/server-v1 resource in Fisheye and Crucible before version 4.8.9 allowed...
Moderate
Unreviewed
CVE-2021-43955
was published
Mar 17, 2022
In __show_regs of process.c, there is a possible leak of kernel memory and addresses due to log...
Moderate
Unreviewed
CVE-2021-39715
was published
Mar 17, 2022
An information disclosure issue was addressed with improved state management. This issue is fixed...
High
Unreviewed
CVE-2022-22579
was published
Mar 19, 2022
This issue was addressed with improved checks. This issue is fixed in iOS 15.4 and iPadOS 15.4. A...
Moderate
Unreviewed
CVE-2022-22622
was published
Mar 19, 2022
An issue with app access to camera metadata was addressed with improved logic. This issue is...
Low
Unreviewed
CVE-2022-22598
was published
Mar 19, 2022
The GSMA authentication panel could be presented on the lock screen. The issue was resolved by...
Moderate
Unreviewed
CVE-2022-22652
was published
Mar 19, 2022
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control.
High
Unreviewed
CVE-2022-23345
was published
Mar 22, 2022
Piwigo v12.2.0 was discovered to contain an information leak via the action parameter in /admin...
High
Unreviewed
CVE-2022-26267
was published
Mar 20, 2022
A permissions issue was addressed with improved validation. This issue is fixed in Security...
Moderate
Unreviewed
CVE-2022-22583
was published
Mar 19, 2022
OpenEMR v6.0.0 was discovered to contain an incorrect access control issue.
Moderate
Unreviewed
CVE-2022-25041
was published
Mar 25, 2022
GE UR firmware versions prior to version 8.1x shares MODBUS memory map as part of the...
Moderate
Unreviewed
CVE-2021-27424
was published
Mar 24, 2022
Gradle Enterprise before 2022.1 allows remote code execution if the installation process did not...
Critical
Unreviewed
CVE-2022-27919
was published
Mar 26, 2022
On unix-like systems, the system temporary directory is shared between all users on that system....
Moderate
Unreviewed
CVE-2021-22572
was published
Mar 30, 2022
In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory...
Moderate
Unreviewed
CVE-2021-39648
was published
Dec 16, 2021
In getOrganizationNameForUser of DevicePolicyManagerService.java, there is a possible...
Low
Unreviewed
CVE-2021-0982
was published
Dec 16, 2021
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow a low level user to reas of the application...
Moderate
Unreviewed
CVE-2021-29716
was published
Dec 4, 2021
In PermissionController, there is a possible permission bypass due to an unsafe PendingIntent....
Moderate
Unreviewed
CVE-2021-39757
was published
Mar 31, 2022
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated to view or edit a Jupyter...
Moderate
Unreviewed
CVE-2021-29867
was published
Dec 4, 2021
In Telephony, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2021-39777
was published
Mar 31, 2022
In code generated by BuildParcelFields of generate_cpp.cpp, there is a possible way for a crafted...
Moderate
Unreviewed
CVE-2021-0966
was published
Dec 16, 2021
ProTip!
Advisories are also available from the
GraphQL API