GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,131
Erlang
29
GitHub Actions
19
Go
1,934
Maven
5,000+
npm
3,668
NuGet
642
pip
3,287
Pub
10
RubyGems
873
Rust
828
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,094 advisories
Filter by severity
Access Control vulnerability in Dolibarr
High
CVE-2021-37517
was published
for
dolibarr/dolibarr
(Composer)
Apr 1, 2022
Improper access control in GitLab CE/EE versions 12.4 to 14.5.4, 14.5 to 14.6.4, and 12.6 to 14.7...
Moderate
Unreviewed
CVE-2022-0373
was published
Apr 3, 2022
Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows is vulnerable to...
Moderate
Unreviewed
CVE-2022-27608
was published
Apr 5, 2022
In Voicemail, there is a possible way to retrieve a trackable identifier due to a missing...
Moderate
Unreviewed
CVE-2021-39742
was published
Mar 31, 2022
A local unauthorized read access to files vulnerability was discovered in HPE OneView version(s):...
Moderate
Unreviewed
CVE-2022-23700
was published
Apr 5, 2022
In Settings, there is a possible way to read Bluetooth device names without proper permissions...
Moderate
Unreviewed
CVE-2021-39751
was published
Mar 31, 2022
An improper access control vulnerability in GitLab CE/EE affecting all versions from 13.11 prior...
Moderate
Unreviewed
CVE-2022-1105
was published
Apr 5, 2022
In PackageManager, there is a possible way to update the last usage time of another package due...
High
Unreviewed
CVE-2021-39743
was published
Mar 31, 2022
In RSA Archer 6.x through 6.9 SP3 (6.9.3.0), an authenticated attacker can make a GET request to...
Moderate
Unreviewed
CVE-2021-38362
was published
Apr 1, 2022
Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows does not provide...
Moderate
Unreviewed
CVE-2022-27609
was published
Apr 5, 2022
Improper access control in Gitlab CE/EE versions 12.7 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7...
Moderate
Unreviewed
CVE-2022-0390
was published
Apr 3, 2022
Xerox ColorQube 8580 was discovered to contain an access control issue which allows attackers to...
High
Unreviewed
CVE-2022-26572
was published
Apr 5, 2022
The Amelia WordPress plugin before 1.0.48 does not have proper authorisation when handling Amelia...
Moderate
Unreviewed
CVE-2022-0837
was published
Apr 5, 2022
Incorrect authorization in the Asana integration's branch restriction feature in all versions of...
Moderate
Unreviewed
CVE-2022-0740
was published
Apr 5, 2022
Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is...
High
Unreviewed
CVE-2021-32960
was published
Apr 3, 2022
Improper Authorization in GitHub repository janeczku/calibre-web prior to 0.6.16.
Moderate
Unreviewed
CVE-2022-0406
was published
Apr 4, 2022
Seyeon Tech Co., Ltd FlexWATCH FW3170-PS-E Network Video System 4.23-3000_GY allows attackers to...
High
Unreviewed
CVE-2022-25584
was published
Apr 6, 2022
An unauthorized file creation vulnerability in Telesquare TLR-2855KS6 via PUT method can allow...
High
Unreviewed
CVE-2021-46418
was published
Apr 8, 2022
The Amelia WordPress plugin before 1.0.49 does not have proper authorisation when managing...
Moderate
Unreviewed
CVE-2022-0825
was published
Apr 5, 2022
aEnrich a+HRD has inadequate privilege restrictions, an unauthenticated remote attacker can use...
Critical
Unreviewed
CVE-2022-26676
was published
Apr 8, 2022
Improper Authorization in GitHub repository phpipam/phpipam prior to 1.4.6.
Moderate
Unreviewed
CVE-2022-1224
was published
Apr 5, 2022
The Material Design for Contact Form 7 WordPress plugin through 2.6.4 does not check...
Moderate
Unreviewed
CVE-2022-0404
was published
Apr 5, 2022
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Incorrect Access Control. The Systeam...
High
Unreviewed
CVE-2021-44877
was published
Dec 22, 2021
Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote...
Moderate
Unreviewed
CVE-2021-38019
was published
Dec 24, 2021
Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664...
Moderate
Unreviewed
CVE-2021-38020
was published
Dec 24, 2021
ProTip!
Advisories are also available from the
GraphQL API