GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
706 advisories
KDE KCron through 21.12.2 uses a temporary file in /tmp when saving, but reuses the filename...
High | Unreviewed | CVE-2022-24986 was published Feb 27, 2022

A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support...
High | Unreviewed | CVE-2020-25718 was published Feb 19, 2022

An access control issue in hprms/admin/?page=user/list of Hospital Patient Record Management...
High | Unreviewed | CVE-2022-22854 was published Feb 15, 2022

In system service, there is a possible permission bypass due to a missing permission check. This...
High | Unreviewed | CVE-2022-20024 was published Feb 11, 2022

In Bluetooth, there is a possible escalation of privilege due to a missing permission check. This...
High | Unreviewed | CVE-2022-20043 was published Feb 11, 2022

In Bluetooth, there is a possible escalation of privilege due to a missing permission check. This...
High | Unreviewed | CVE-2022-20041 was published Feb 11, 2022

A CWE-862: Missing Authorization vulnerability exists that could cause information exposure when...
High | Unreviewed | CVE-2022-24317 was published Feb 11, 2022

The IP2Location Country Blocker WordPress plugin before 2.26.5 does not have authorisation and...
High | Unreviewed | CVE-2021-25095 was published Feb 8, 2022

The Link Library WordPress plugin before 7.2.8 does not have authorisation in place when deleting...
High | Unreviewed | CVE-2021-25093 was published Feb 2, 2022

Single Connect does not perform an authorization check when using the "sc-reports-ui" module. A...
High | Unreviewed | CVE-2021-44793 was published Jan 28, 2022

Single Connect does not perform an authorization check when using the "sc-assigned-credential-ui"...
High | Unreviewed | CVE-2021-44795 was published Jan 28, 2022

The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib...
High | Unreviewed | CVE-2021-24906 was published Jan 25, 2022

The WP Import Export WordPress plugin (both free and premium versions) is vulnerable to...
High | Unreviewed | CVE-2022-0236 was published Jan 19, 2022

All AJAX actions of the Tab WordPress plugin before 1.3.2 are available to both unauthenticated...
High | Unreviewed | CVE-2021-24831 was published Jan 4, 2022

Yappli is an application development platform which provides the function to access a requested...
High | Unreviewed | CVE-2021-20873 was published Dec 29, 2021

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle...
High | Unreviewed | CVE-2021-37572 was published Dec 27, 2021

TCMAN GIM does not perform an authorization check when trying to access determined resources. A...
High | Unreviewed | CVE-2021-40853 was published Dec 18, 2021

In enforceCrossUserOrProfilePermission of PackageManagerService.java, there is a possible bypass...
High | Unreviewed | CVE-2021-0922 was published Dec 16, 2021

In createOrUpdate of Permission.java, there is a possible way to gain internal permissions due to...
High | Unreviewed | CVE-2021-0923 was published Dec 16, 2021

In onCreate of NfcImportVCardActivity.java, there is a possible way to add a contact without user...
High | Unreviewed | CVE-2021-0926 was published Dec 16, 2021

In AdapterService and GattService definition of AndroidManifest.xml, there is a possible way to...
High | Unreviewed | CVE-2021-1017 was published Dec 16, 2021

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a...
High | Unreviewed | CVE-2021-27855 was published Dec 16, 2021

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and...
High | Unreviewed | CVE-2021-27857 was published Dec 16, 2021

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and...
High | Unreviewed | CVE-2021-27859 was published Dec 16, 2021

An issue was discovered in Listary through 6. When Listary is configured as admin, Listary will...
High | Unreviewed | CVE-2021-41066 was published Dec 15, 2021
ProTip! Advisories are also available from the GraphQL API.