Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,343
Erlang
31
GitHub Actions
22
Go
2,107
Maven
5,000+
npm
3,764
NuGet
679
pip
3,452
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

277 advisories

Loading
seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with escalated privileges when... Critical Unreviewed
CVE-2022-25643 was published Feb 25, 2022
Privilege Escalation in Kubernetes Critical
CVE-2018-1002105 was published for github.com/kubernetes/kubernetes (Go) Feb 15, 2022
XCOM Data Transport for Windows, Linux, and UNIX 11.6 releases contain a vulnerability due to... Critical Unreviewed
CVE-2022-23992 was published Feb 15, 2022
A CWE-269: Improper Privilege Management vulnerability exists that could cause an arbitrary... Critical Unreviewed
CVE-2021-22801 was published Feb 12, 2022
Improper privilege management vulnerability in Samsung Video Player prior to version 7.3.15.30... Critical Unreviewed
CVE-2022-24927 was published Feb 12, 2022
An incorrect check in the component cdr.php of Voipmonitor GUI before v24.96 allows... Critical Unreviewed
CVE-2022-24259 was published Feb 10, 2022
All Dell EMC Integrated System for Microsoft Azure Stack Hub versions contain a privilege... Critical Unreviewed
CVE-2021-36302 was published Feb 10, 2022
Improper Privilege Management in Gitea Critical
CVE-2021-45330 was published for code.gitea.io/gitea (Go) Feb 10, 2022
An issue was discovered in Servisnet Tessa 0.0.2. Authorization data is available via an... Critical Unreviewed
CVE-2022-22832 was published Feb 8, 2022
In doRead of SimpleDecodingSource.cpp, there is a possible out of bounds write due to an... Critical Unreviewed
CVE-2021-39623 was published Jan 15, 2022
Windows Hyper-V Elevation of Privilege Vulnerability. Critical Unreviewed
CVE-2022-21901 was published Jan 12, 2022
The zabbix-agent2 package before 5.4.9-r1 for Alpine Linux sometimes allows privilege escalation... Critical Unreviewed
CVE-2022-22704 was published Jan 7, 2022
StarWind SAN & NAS build 1578 and StarWind Command Center Build 6864 Update Manager allows... Critical Unreviewed
CVE-2021-45389 was published Jan 5, 2022
There is a Configuration defects in Smartphone.Successful exploitation of this vulnerability may... Critical Unreviewed
CVE-2021-37121 was published Jan 4, 2022
Phone Manager application has a Improper Privilege Management vulnerability.Successful... Critical Unreviewed
CVE-2021-39982 was published Jan 4, 2022
Product: AndroidVersions: Android kernelAndroid ID: A-126949257References: N/A Critical Unreviewed
CVE-2021-39641 was published Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-199809304References: N/A Critical Unreviewed
CVE-2021-39644 was published Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-199805112References: N/A Critical Unreviewed
CVE-2021-39645 was published Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-192641593References: N/A Critical Unreviewed
CVE-2021-39655 was published Dec 16, 2021
An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using... Critical Unreviewed
CVE-2021-42128 was published Dec 8, 2021
Raspberry Pi OS through 5.10 has the raspberry default password for the pi account. If not... Critical Unreviewed
CVE-2021-38759 was published Dec 8, 2021
The AMDPowerProfiler.sys driver of AMD ?Prof tool may allow lower privileged users to access MSRs... Critical Unreviewed
CVE-2021-26334 was published Dec 2, 2021
TimelockController vulnerability in OpenZeppelin Contracts Critical
CVE-2021-39168 was published for @openzeppelin/contracts-upgradeable (npm) Aug 30, 2021
TimelockController vulnerability in OpenZeppelin Contracts Critical
CVE-2021-39167 was published for @openzeppelin/contracts (npm) Aug 30, 2021
Creation of Temporary File in Directory with Insecure Permissions in the OpenAPI-Generator online generator Critical
CVE-2021-21428 was published for org.openapitools:openapi-generator-online (Maven) May 11, 2021
JLLeitschuh
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database