Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

3,288 advisories

Loading
Zoho ManageEngine Desktop Central before 10.1.2137.10 allows an authenticated user to change any... Moderate Unreviewed
CVE-2022-23863 was published Jan 29, 2022
There is a privilege escalation vulnerability in some webOS TVs. Due to wrong setting... High Unreviewed
CVE-2022-23727 was published Jan 29, 2022
Improper Privilege Management in apache-airflow Moderate
CVE-2021-45230 was published for apache-airflow (pip) Jan 28, 2022
loguru vulnerable to improper privilege management Moderate
CVE-2022-0338 was published for loguru (pip) Jan 26, 2022
Escalation of privileges vulnerability in Micro Focus in Micro Focus Operations Agent, affecting... Low Unreviewed
CVE-2021-38129 was published Jan 26, 2022
The Privilege Escalation vulnerability discovered in the WP Google Map WordPress plugin (versions... Moderate Unreviewed
CVE-2021-45729 was published Jan 26, 2022
In QuickBox Pro v2.5.8 and below, the config.php file has a variable which takes a GET parameter... High Unreviewed
CVE-2021-44981 was published Jan 25, 2022
An issue was discovered in COINS Construction Cloud 11.12. Due to logical flaws in the human... High Unreviewed
CVE-2021-45222 was published Jan 25, 2022
Rapid7 Insight Agent, versions prior to 3.1.3, suffer from an improper access control... Low Unreviewed
CVE-2021-4016 was published Jan 22, 2022
The Dell EMC Virtual Appliances before 9.2.2.2 contain undocumented user accounts. A local... High Unreviewed
CVE-2021-36339 was published Jan 22, 2022
Improper Privilege Management in shelljs High
CVE-2022-0144 was published for shelljs (npm) Jan 21, 2022
Execution with Unnecessary Privileges in ipython High
CVE-2022-21699 was published for ipython (pip) Jan 21, 2022
mlucool quarl
A privilege escalation vulnerability in the McAfee Agent prior to 5.7.5. McAfee Agent uses... High Unreviewed
CVE-2022-0166 was published Jan 20, 2022
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General).... Moderate Unreviewed
CVE-2022-21310 was published Jan 20, 2022
An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3... Moderate Unreviewed
CVE-2022-0090 was published Jan 19, 2022
An issue has been discovered in GitLab affecting all versions starting from 12.0 before 14.4.5,... Moderate Unreviewed
CVE-2022-0125 was published Jan 19, 2022
An issue was discovered in Delta RM 1.2. Using an privileged account, it is possible to edit,... Moderate Unreviewed
CVE-2021-44840 was published Jan 19, 2022
CyberArk Endpoint Privilege Manager (EPM) through 11.5.3.328 before 2021-12-20 allows a local... High Unreviewed
CVE-2021-44049 was published Jan 16, 2022
In jit_memory_region.cc, there is a possible bypass of memory restrictions due to a logic error... High Unreviewed
CVE-2021-0959 was published Jan 15, 2022
In multiple methods of EuiccNotificationManager.java, there is a possible way to install existing... High Unreviewed
CVE-2021-39618 was published Jan 15, 2022
In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions... High Unreviewed
CVE-2021-39621 was published Jan 15, 2022
In showCarrierAppInstallationNotification of EuiccNotificationManager.java, there is a possible... High Unreviewed
CVE-2021-39625 was published Jan 15, 2022
In doRead of SimpleDecodingSource.cpp, there is a possible out of bounds write due to an... Critical Unreviewed
CVE-2021-39623 was published Jan 15, 2022
In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions... High Unreviewed
CVE-2021-39627 was published Jan 15, 2022
In executeRequest of OverlayManagerService.java, there is a possible way to control fabricated... High Unreviewed
CVE-2021-39630 was published Jan 15, 2022
ProTip! Advisories are also available from the GraphQL API