Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,347
Erlang
31
GitHub Actions
22
Go
2,117
Maven
5,000+
npm
3,768
NuGet
680
pip
3,457
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,232 advisories

Loading
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code... High Unreviewed
CVE-2022-22958 was published Apr 14, 2022
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege... High Unreviewed
CVE-2022-22960 was published Apr 14, 2022
A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1... High Unreviewed
CVE-2022-23448 was published Apr 13, 2022
In multiple locations of MediaProvider.java , there is a possible way to get read/write access to... High Unreviewed
CVE-2021-39795 was published Apr 13, 2022
A local privilege escalation vulnerability caused by incorrect permission assignment in some... High Unreviewed
CVE-2022-0556 was published Apr 12, 2022
ZeroTierOne for windows local privilege escalation because of incorrect directory privilege in... High Unreviewed
CVE-2022-1316 was published Apr 12, 2022
The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system... High Unreviewed
CVE-2022-22516 was published Apr 8, 2022
Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated... High Unreviewed
CVE-2022-26250 was published Apr 7, 2022
Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a... Moderate Unreviewed
CVE-2022-0803 was published Apr 6, 2022
BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue. High Unreviewed
CVE-2022-26281 was published Apr 6, 2022
SimpleMachinesForum 2.1.1 and earlier allows remote authenticated administrators to execute... High Unreviewed
CVE-2022-26982 was published Apr 6, 2022
In RuoYi v4.7.2 through the WebUI, user test1 does not have permission to reset the password of... Moderate Unreviewed
CVE-2022-23869 was published Mar 31, 2022
Missing permission check in Jenkins JiraTestResultReporter Plugin Moderate
CVE-2022-28137 was published for org.jenkins-ci.plugins:JiraTestResultReporter (Maven) Mar 30, 2022
NotMyFault
SaltStack Salt Permissions Bypass High
CVE-2022-22941 was published for salt (pip) Mar 30, 2022
An insecure permissions vulnerability in Snapt Aria v12.8 allows unauthenticated attackers to... Low Unreviewed
CVE-2022-24236 was published Mar 22, 2022
The matchmaking servers of Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allow... High Unreviewed
CVE-2022-24125 was published Mar 21, 2022
TMS v2.28.0 contains an insecure permissions vulnerability via the component /TMS/admin/user... Moderate Unreviewed
CVE-2022-26247 was published Mar 21, 2022
A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4,... Moderate Unreviewed
CVE-2020-15388 was published Mar 19, 2022
Description: A permissions issue was addressed with improved validation. This issue is fixed in... Low Unreviewed
CVE-2022-22599 was published Mar 19, 2022
Whale Bridge, a default extension in Whale browser before 3.12.129.18, allowed to receive any... Critical Unreviewed
CVE-2022-24074 was published Mar 18, 2022
A Improper Privilege Management vulnerability in the sudoers configuration in cscreen of openSUSE... High Unreviewed
CVE-2022-21946 was published Mar 17, 2022
'Root Service' service implemented in the following Yokogawa Electric products creates some named... High Unreviewed
CVE-2022-22148 was published Mar 12, 2022
NVIDIA distributions of Jetson Linux contain a vulnerability where an error in the IOMMU... High Unreviewed
CVE-2022-21819 was published Mar 12, 2022
Ericsson Network Manager 20.2 has Insecure Permissions. Moderate Unreviewed
CVE-2021-28488 was published Mar 11, 2022
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) uses the "... High Unreviewed
CVE-2021-42855 was published Mar 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database