Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

3,288 advisories

Loading
A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local... High Unreviewed
CVE-2022-20739 was published Apr 16, 2022
Micro-Star International (MSI) Center Pro <= 2.0.16.0 is vulnerable to multiple Privilege... High Unreviewed
CVE-2021-44903 was published Feb 9, 2022
Micro-Star International (MSI) Center <= 1.0.31.0 is vulnerable to multiple Privilege Escalation... High Unreviewed
CVE-2021-44899 was published Feb 9, 2022
A non-admin user with user management permission can escalate his privilege to admin user via... High Unreviewed
CVE-2022-22572 was published Apr 12, 2022
Windows Endpoint Configuration Manager Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-24527 was published Apr 16, 2022
In executeRequest of OverlayManagerService.java, there is a possible way to control fabricated... High Unreviewed
CVE-2021-39630 was published Jan 15, 2022
In multiple methods of EuiccNotificationManager.java, there is a possible way to install existing... High Unreviewed
CVE-2021-39618 was published Jan 15, 2022
In jit_memory_region.cc, there is a possible bypass of memory restrictions due to a logic error... High Unreviewed
CVE-2021-0959 was published Jan 15, 2022
Insufficient control flow management in the firmware for some Intel(R) Processors may allow a... Moderate Unreviewed
CVE-2021-0103 was published Feb 11, 2022
Insufficient compartmentalization in HECI subsystem for the Intel(R) SPS before versions... High Unreviewed
CVE-2021-0060 was published Feb 11, 2022
In updatePackageMappingsData of UsageStatsService.java, there is a possible way to bypass... High Unreviewed
CVE-2021-39619 was published Feb 12, 2022
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex... Moderate Unreviewed
CVE-2022-23702 was published Apr 13, 2022
In change_pte_range of mprotect.c , there is a possible way to make a shared mmap writable due to... High Unreviewed
CVE-2021-39802 was published Apr 13, 2022
The Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.1-12 didn’t mimic the... High Unreviewed
CVE-2021-3100 was published Apr 21, 2022
In <TBD> of <TBD>, there is a possible bypass of Factory Reset Protection due to <TBD>. This... High Unreviewed
CVE-2021-39678 was published Jan 15, 2022
In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions... High Unreviewed
CVE-2021-39627 was published Jan 15, 2022
CyberArk Endpoint Privilege Manager (EPM) through 11.5.3.328 before 2021-12-20 allows a local... High Unreviewed
CVE-2021-44049 was published Jan 16, 2022
Escalation of privileges vulnerability in Micro Focus in Micro Focus Operations Agent, affecting... Low Unreviewed
CVE-2021-38129 was published Jan 26, 2022
An Improper Privilege Management vulnerability in the Windows Installer framework used in the... High Unreviewed
CVE-2022-22187 was published Apr 15, 2022
Improper access control in the firmware for some Intel(R) Processors may allow an unauthenticated... High Unreviewed
CVE-2021-0091 was published Feb 11, 2022
Chamilo LMS v1.11.13 lacks validation on the user modification form, allowing attackers to... High Unreviewed
CVE-2022-27421 was published Apr 16, 2022
Incomplete fix for CVE-2021-3100. The Apache Log4j hotpatch package starting with log4j-cve-2021... High Unreviewed
CVE-2022-0070 was published Apr 21, 2022
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11... High Unreviewed
CVE-2021-20264 was published May 24, 2022
A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file... Moderate Unreviewed
CVE-2021-20208 was published May 24, 2022
Malicious HTML+XHR Artifact Privilege Escalation in Argo Workflows High
CVE-2022-29164 was published for github.com/argoproj/argo-workflows/v3 (Go) May 23, 2022
alexec
ProTip! Advisories are also available from the GraphQL API