Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

870 advisories

Loading
Insufficient checks in System Management Unit (SMU) FeatureConfig may result in reenabling... Moderate Unreviewed
CVE-2021-26376 was published May 12, 2022
Incorrect access control in Yubico OTP functionality of the YubiKey hardware tokens along with... Moderate Unreviewed
CVE-2022-24584 was published May 12, 2022
This is a concurrency issue that can result in the wrong caller principal being returned from the... Moderate Unreviewed
CVE-2022-0866 was published May 11, 2022
Improper access control in GitLab CE/EE affecting all versions starting from 8.12 before 14.8.6,... Moderate Unreviewed
CVE-2022-1417 was published May 11, 2022
Windows Hyper-V Security Feature Bypass Vulnerability. Moderate Unreviewed
CVE-2022-24466 was published May 11, 2022
A Two-Factor Authentication (2FA) bypass vulnerability in "Simple 2FA Plugin for Moodle" by LMS... Moderate Unreviewed
CVE-2022-28601 was published May 11, 2022
Microsoft Office Security Feature Bypass Vulnerability. Moderate Unreviewed
CVE-2022-29107 was published May 11, 2022
Windows Print Spooler Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022... Moderate Unreviewed
CVE-2022-29114 was published May 11, 2022
IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0... Moderate Unreviewed
CVE-2013-0543 was published May 5, 2022
The OG access fields (visibility fields) implementation in Organic Groups (OG) module 7.x-2.x... Moderate Unreviewed
CVE-2013-4228 was published May 5, 2022
Review Board: URL processing gives unauthorized users access to review lists Moderate Unreviewed
CVE-2013-4411 was published May 5, 2022
Permissions were not properly verified in the API on projects using version control in Git. This... Moderate Unreviewed
CVE-2022-1502 was published May 5, 2022
Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1... Moderate Unreviewed
CVE-2022-28782 was published May 4, 2022
The default configuration of the Security global settings on the Citrix NetScaler Access Gateway... Moderate Unreviewed
CVE-2009-2213 was published May 2, 2022
parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group)... Moderate Unreviewed
CVE-2009-0034 was published May 2, 2022
The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive... Moderate Unreviewed
CVE-2008-4577 was published May 2, 2022
dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes... Moderate Unreviewed
CVE-2008-0595 was published May 1, 2022
Raritan Dominion SX (DSX) Console Servers DSX16, DSX32, DSX4, DSX8, and DSXA-48 set (1) world... Moderate Unreviewed
CVE-2005-2136 was published May 1, 2022
In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot... Moderate Unreviewed
CVE-2022-23822 was published Apr 28, 2022
cups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which... Moderate Unreviewed
CVE-2012-6094 was published Apr 23, 2022
Tahoe-LAFS v1.3.0 through v1.8.2 could allow unauthorized users to delete immutable files in some... Moderate Unreviewed
CVE-2011-3617 was published Apr 22, 2022
OSIsoft PI Vision 2020 versions prior to 3.5.0 could disclose information to a user with... Moderate Unreviewed
CVE-2020-25167 was published Apr 19, 2022
Improper access controls in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and... Moderate Unreviewed
CVE-2020-25160 was published Apr 15, 2022
Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal ... Moderate Unreviewed
CVE-2021-28544 was published Apr 13, 2022
Improper access control in GitLab CE/EE versions 10.7 prior to 14.7.7, 10.8 prior to 14.8.5, and... Moderate Unreviewed
CVE-2022-1193 was published Apr 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database