Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

257 advisories

Loading
Privilege Escalation in Kubernetes Critical
CVE-2018-1002105 was published for github.com/kubernetes/kubernetes (Go) Feb 15, 2022
The System Diagnosis service of MyASUS before 3.1.2.0 allows privilege escalation. Critical Unreviewed
CVE-2022-22814 was published Mar 11, 2022
Product: AndroidVersions: Android kernelAndroid ID: A-199809304References: N/A Critical Unreviewed
CVE-2021-39644 was published Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-199805112References: N/A Critical Unreviewed
CVE-2021-39645 was published Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-192641593References: N/A Critical Unreviewed
CVE-2021-39655 was published Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-126949257References: N/A Critical Unreviewed
CVE-2021-39641 was published Dec 16, 2021
There is a Configuration defects in Smartphone.Successful exploitation of this vulnerability may... Critical Unreviewed
CVE-2021-37121 was published Jan 4, 2022
Unescaped control characters in Gitblit Critical
CVE-2022-31267 was published for com.gitblit:gitblit (Maven) May 22, 2022
Improper access control vulnerability in acmailer ver. 4.0.1 and earlier, and acmailer DB ver. 1... Critical Unreviewed
CVE-2021-20617 was published May 24, 2022
Snow Inventory Agent through 6.7.0 on Windows uses CPUID to report on processor types and... Critical Unreviewed
CVE-2021-27579 was published May 24, 2022
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is Unauthenticated Root... Critical Unreviewed
CVE-2020-35757 was published May 24, 2022
Escalation of privileges vulnerability in Micro Focus Operations Agent, affects versions 12.0x,... Critical Unreviewed
CVE-2021-22505 was published May 24, 2022
zzcms 201910 contains an access control vulnerability through escalation of privileges in /user... Critical Unreviewed
CVE-2020-23426 was published May 24, 2022
A process injection vulnerability in setup.exe of AutoHotkey 1.1.32.00 allows attackers to... Critical Unreviewed
CVE-2020-18174 was published May 24, 2022
The remove API in v1/controller/cloudStorage/alibabaCloud/remove/index.ts in netless Agora Flat... Critical Unreviewed
CVE-2021-38621 was published May 24, 2022
A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the... Critical Unreviewed
CVE-2021-1388 was published May 24, 2022
ManageEngine ADSelfService Plus before 6112 is vulnerable to domain user account takeover. Critical Unreviewed
CVE-2021-37424 was published May 24, 2022
An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to... Critical Unreviewed
CVE-2021-20034 was published May 24, 2022
An issue in the SeChangeNotifyPrivilege component of Abloy Key Manager Version 7.14301.0.0 allows... Critical Unreviewed
CVE-2020-18170 was published May 24, 2022
VITEC Exterity IPTV products through 2021-04-30 allow privilege escalation to root. Critical Unreviewed
CVE-2021-42109 was published May 24, 2022
A vulnerability classified as critical has been found in Demokratian. This affects an unknown... Critical Unreviewed
CVE-2020-36542 was published Jun 8, 2022
An elevated privileges issue related to Spring MVC calls impacts Code Insight v7.x releases up to... Critical Unreviewed
CVE-2020-12083 was published May 24, 2022
Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges. Critical Unreviewed
CVE-2021-30132 was published May 24, 2022
There is a vulnerability of tampering with the kernel in Huawei Smartphone.Successful... Critical Unreviewed
CVE-2021-36986 was published May 24, 2022
Dell PowerScale OneFS versions 8.1.0 – 9.1.0 contain a "use of SSH key past account expiration"... Critical Unreviewed
CVE-2021-21502 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API