Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,386
Erlang
33
GitHub Actions
22
Go
2,141
Maven
5,000+
npm
3,803
NuGet
687
pip
3,480
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

243 advisories

Loading
The public API error causes for the attacker to be able to bypass API access control. Critical Unreviewed
CVE-2022-23730 was published Mar 12, 2022
Luocms v2.0 is affected by an incorrect access control vulnerability. Through /admin/templates... Critical Unreviewed
CVE-2022-24609 was published Mar 11, 2022
The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business... Critical Unreviewed
CVE-2022-26143 was published Mar 11, 2022
Zoho ManageEngine SharePoint Manager Plus before 4329 allows account takeover because... Critical Unreviewed
CVE-2022-24306 was published Mar 3, 2022
An incorrect access control issue in HMS v1.0 allows unauthenticated attackers to read and modify... Critical Unreviewed
CVE-2022-25402 was published Feb 25, 2022
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C... Critical Unreviewed
CVE-2022-21196 was published Feb 19, 2022
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C... Critical Unreviewed
CVE-2022-21141 was published Feb 19, 2022
There is an arbitrary address access vulnerability with the product line test code.Successful... Critical Unreviewed
CVE-2021-39994 was published Feb 11, 2022
Mastodon before 3.3.2 and 3.4.x before 3.4.6 has incorrect access control because it does not... Critical Unreviewed
CVE-2022-24307 was published Feb 10, 2022
IBM Security Verify Access 10.0.0.0, 10.0.1.0 and 10.0.2.0 with the advanced access control... Critical Unreviewed
CVE-2021-39070 was published Feb 3, 2022
IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could be vulnerable to unauthorized... Critical Unreviewed
CVE-2020-4877 was published Jan 22, 2022
A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services... Critical Unreviewed
CVE-2022-22157 was published Jan 20, 2022
A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services... Critical Unreviewed
CVE-2022-22167 was published Jan 20, 2022
An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip... Critical Unreviewed
CVE-2021-28506 was published Jan 15, 2022
Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient access controls for the WAN... Critical Unreviewed
CVE-2021-20149 was published Dec 31, 2021
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to access the... Critical Unreviewed
CVE-2021-39052 was published Dec 14, 2021
An Incorrect Access Control vulnerability exists in zzcms less than or equal to 2019 via admin... Critical Unreviewed
CVE-2021-43703 was published Dec 10, 2021
The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to... Critical Unreviewed
CVE-2021-38503 was published Dec 9, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database