GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+
871 advisories
Filter by severity
In ims service, there is a possible unexpected application behavior due to incorrect privilege...
Moderate
Unreviewed
CVE-2022-20051
was published
Mar 11, 2022
In preloader (usb), there is a possible permission bypass due to a missing proper image...
Moderate
Unreviewed
CVE-2022-20060
was published
Mar 11, 2022
Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022...
Moderate
Unreviewed
CVE-2022-24519
was published
Mar 10, 2022
Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022...
Moderate
Unreviewed
CVE-2022-24515
was published
Mar 10, 2022
Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022...
Moderate
Unreviewed
CVE-2022-24518
was published
Mar 10, 2022
A local attacker can overwrite arbitrary files on the system with VPN client logs using...
Moderate
Unreviewed
CVE-2021-36809
was published
Mar 9, 2022
Elasticsearch privilege escalation
Moderate
CVE-2022-23708
was published
for
org.elasticsearch:elasticsearch
(Maven)
Mar 4, 2022
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a local user with elevated privileges to cause a...
Moderate
Unreviewed
CVE-2021-38955
was published
Mar 2, 2022
Improper Privilege Management and Execution with Unnecessary Privileges in Kata Containers
Moderate
CVE-2020-2023
was published
for
github.com/kata-containers/agent
(Go)
Feb 15, 2022
Improper Privilege Management in Snipe-IT
Moderate
CVE-2022-0579
was published
for
snipe/snipe-it
(Composer)
Feb 15, 2022
Insufficient control flow management in the firmware for some Intel(R) Processors may allow a...
Moderate
Unreviewed
CVE-2021-0103
was published
Feb 11, 2022
A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow...
Moderate
Unreviewed
CVE-2022-20680
was published
Feb 11, 2022
Improper Privilege Management in GitHub repository chatwoot/chatwoot prior to v2.2.
Moderate
Unreviewed
CVE-2021-3813
was published
Feb 10, 2022
Microsoft Dynamics GP Elevation Of Privilege Vulnerability. This CVE ID is unique from CVE-2022...
Moderate
Unreviewed
CVE-2022-23271
was published
Feb 10, 2022
Improper Access Control in infinispan-server-runtime
Moderate
CVE-2020-25711
was published
for
org.infinispan:infinispan-core
(Maven)
Feb 9, 2022
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from...
Moderate
Unreviewed
CVE-2022-23262
was published
Feb 8, 2022
Zoho ManageEngine Desktop Central before 10.1.2137.10 allows an authenticated user to change any...
Moderate
Unreviewed
CVE-2022-23863
was published
Jan 29, 2022
Improper Privilege Management in apache-airflow
Moderate
CVE-2021-45230
was published
for
apache-airflow
(pip)
Jan 28, 2022
loguru vulnerable to improper privilege management
Moderate
CVE-2022-0338
was published
for
loguru
(pip)
Jan 26, 2022
The Privilege Escalation vulnerability discovered in the WP Google Map WordPress plugin (versions...
Moderate
Unreviewed
CVE-2021-45729
was published
Jan 26, 2022
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General)....
Moderate
Unreviewed
CVE-2022-21310
was published
Jan 20, 2022
An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3...
Moderate
Unreviewed
CVE-2022-0090
was published
Jan 19, 2022
An issue has been discovered in GitLab affecting all versions starting from 12.0 before 14.4.5,...
Moderate
Unreviewed
CVE-2022-0125
was published
Jan 19, 2022
An issue was discovered in Delta RM 1.2. Using an privileged account, it is possible to edit,...
Moderate
Unreviewed
CVE-2021-44840
was published
Jan 19, 2022
Improper Privilege Management in shelljs
Moderate
GHSA-64g7-mvw6-v9qj
was published
for
shelljs
(npm)
Jan 14, 2022
ProTip!
Advisories are also available from the
GraphQL API