GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
870 advisories
Filter by severity
Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior,...
Moderate
Unreviewed
CVE-2021-20862
was published
Dec 2, 2021
Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote...
Moderate
Unreviewed
CVE-2022-25215
was published
Mar 11, 2022
IBM Data Virtualization on Cloud Pak for Data 1.3.0, 1.4.1, 1.5.0, 1.7.1 and 1.7.3 could allow an...
Moderate
Unreviewed
CVE-2021-38971
was published
Mar 15, 2022
An improper authorization handling flaw was found in Foreman. The OpenSCAP plugin for the smart...
Moderate
Unreviewed
CVE-2021-20290
was published
Mar 26, 2022
The Amelia WordPress plugin before 1.0.47 does not have proper authorisation when managing...
Moderate
Unreviewed
CVE-2022-0720
was published
Mar 29, 2022
In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee...
Moderate
Unreviewed
CVE-2021-39876
was published
Mar 29, 2022
An improper authorization vulnerabiltiy [CWE-285] in FortiClient Windows versions 7.0.0 and 6.4.6...
Moderate
Unreviewed
CVE-2021-36167
was published
Dec 10, 2021
A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows...
Moderate
Unreviewed
CVE-2021-36169
was published
Dec 14, 2021
Accounting User Can Download Patient Reports in openemr in GitHub repository openemr/openemr...
Moderate
Unreviewed
CVE-2022-1177
was published
Mar 31, 2022
Archer 6.x through 6.9 SP2 P1 (6.9.2.1) contains an improper access control vulnerability on...
Moderate
Unreviewed
CVE-2022-26949
was published
Mar 31, 2022
Improper access control allows any project member to retrieve the service desk email address in...
Moderate
Unreviewed
CVE-2021-39934
was published
Dec 14, 2021
Improper access control in GitLab CE/EE versions 12.4 to 14.5.4, 14.5 to 14.6.4, and 12.6 to 14.7...
Moderate
Unreviewed
CVE-2022-0373
was published
Apr 3, 2022
In DomainVerificationService, there is a possible way to access app domain verification...
Moderate
Unreviewed
CVE-2021-39753
was published
Mar 31, 2022
A local unauthorized read access to files vulnerability was discovered in HPE OneView version(s):...
Moderate
Unreviewed
CVE-2022-23700
was published
Apr 5, 2022
In Voicemail, there is a possible way to retrieve a trackable identifier due to a missing...
Moderate
Unreviewed
CVE-2021-39742
was published
Mar 31, 2022
Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows is vulnerable to...
Moderate
Unreviewed
CVE-2022-27608
was published
Apr 5, 2022
In RSA Archer 6.x through 6.9 SP3 (6.9.3.0), an authenticated attacker can make a GET request to...
Moderate
Unreviewed
CVE-2021-38362
was published
Apr 1, 2022
In Settings, there is a possible way to read Bluetooth device names without proper permissions...
Moderate
Unreviewed
CVE-2021-39751
was published
Mar 31, 2022
An improper access control vulnerability in GitLab CE/EE affecting all versions from 13.11 prior...
Moderate
Unreviewed
CVE-2022-1105
was published
Apr 5, 2022
Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows does not provide...
Moderate
Unreviewed
CVE-2022-27609
was published
Apr 5, 2022
Improper access control in Gitlab CE/EE versions 12.7 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7...
Moderate
Unreviewed
CVE-2022-0390
was published
Apr 3, 2022
The Amelia WordPress plugin before 1.0.48 does not have proper authorisation when handling Amelia...
Moderate
Unreviewed
CVE-2022-0837
was published
Apr 5, 2022
Incorrect authorization in the Asana integration's branch restriction feature in all versions of...
Moderate
Unreviewed
CVE-2022-0740
was published
Apr 5, 2022
The Material Design for Contact Form 7 WordPress plugin through 2.6.4 does not check...
Moderate
Unreviewed
CVE-2022-0404
was published
Apr 5, 2022
The Amelia WordPress plugin before 1.0.49 does not have proper authorisation when managing...
Moderate
Unreviewed
CVE-2022-0825
was published
Apr 5, 2022
ProTip!
Advisories are also available from the
GraphQL API