Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

871 advisories

Loading
In ims service, there is a possible unexpected application behavior due to incorrect privilege... Moderate Unreviewed
CVE-2022-20051 was published Mar 11, 2022
In preloader (usb), there is a possible permission bypass due to a missing proper image... Moderate Unreviewed
CVE-2022-20060 was published Mar 11, 2022
Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022... Moderate Unreviewed
CVE-2022-24519 was published Mar 10, 2022
Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022... Moderate Unreviewed
CVE-2022-24515 was published Mar 10, 2022
Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022... Moderate Unreviewed
CVE-2022-24518 was published Mar 10, 2022
A local attacker can overwrite arbitrary files on the system with VPN client logs using... Moderate Unreviewed
CVE-2021-36809 was published Mar 9, 2022
Elasticsearch privilege escalation Moderate
CVE-2022-23708 was published for org.elasticsearch:elasticsearch (Maven) Mar 4, 2022
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a local user with elevated privileges to cause a... Moderate Unreviewed
CVE-2021-38955 was published Mar 2, 2022
Improper Privilege Management and Execution with Unnecessary Privileges in Kata Containers Moderate
CVE-2020-2023 was published for github.com/kata-containers/agent (Go) Feb 15, 2022
Improper Privilege Management in Snipe-IT Moderate
CVE-2022-0579 was published for snipe/snipe-it (Composer) Feb 15, 2022
Insufficient control flow management in the firmware for some Intel(R) Processors may allow a... Moderate Unreviewed
CVE-2021-0103 was published Feb 11, 2022
A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow... Moderate Unreviewed
CVE-2022-20680 was published Feb 11, 2022
Improper Privilege Management in GitHub repository chatwoot/chatwoot prior to v2.2. Moderate Unreviewed
CVE-2021-3813 was published Feb 10, 2022
Microsoft Dynamics GP Elevation Of Privilege Vulnerability. This CVE ID is unique from CVE-2022... Moderate Unreviewed
CVE-2022-23271 was published Feb 10, 2022
Improper Access Control in infinispan-server-runtime Moderate
CVE-2020-25711 was published for org.infinispan:infinispan-core (Maven) Feb 9, 2022
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from... Moderate Unreviewed
CVE-2022-23262 was published Feb 8, 2022
Zoho ManageEngine Desktop Central before 10.1.2137.10 allows an authenticated user to change any... Moderate Unreviewed
CVE-2022-23863 was published Jan 29, 2022
Improper Privilege Management in apache-airflow Moderate
CVE-2021-45230 was published for apache-airflow (pip) Jan 28, 2022
loguru vulnerable to improper privilege management Moderate
CVE-2022-0338 was published for loguru (pip) Jan 26, 2022
The Privilege Escalation vulnerability discovered in the WP Google Map WordPress plugin (versions... Moderate Unreviewed
CVE-2021-45729 was published Jan 26, 2022
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General).... Moderate Unreviewed
CVE-2022-21310 was published Jan 20, 2022
An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3... Moderate Unreviewed
CVE-2022-0090 was published Jan 19, 2022
An issue has been discovered in GitLab affecting all versions starting from 12.0 before 14.4.5,... Moderate Unreviewed
CVE-2022-0125 was published Jan 19, 2022
An issue was discovered in Delta RM 1.2. Using an privileged account, it is possible to edit,... Moderate Unreviewed
CVE-2021-44840 was published Jan 19, 2022
Improper Privilege Management in shelljs Moderate
GHSA-64g7-mvw6-v9qj was published for shelljs (npm) Jan 14, 2022
ProTip! Advisories are also available from the GraphQL API