Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

871 advisories

Loading
Improper Privilege Management in shelljs Moderate
GHSA-64g7-mvw6-v9qj was published for shelljs (npm) Jan 14, 2022
katello Improper Privilege Management vulnerability Moderate
CVE-2017-2662 was published for katello (RubyGems) May 13, 2022
In ims service, there is a possible unexpected application behavior due to incorrect privilege... Moderate Unreviewed
CVE-2022-20051 was published Mar 11, 2022
In vpu, there is a possible escalation of privilege due to a missing permission check. This could... Moderate Unreviewed
CVE-2022-20049 was published Mar 11, 2022
In preloader (usb), there is a possible permission bypass due to a missing proper image... Moderate Unreviewed
CVE-2022-20060 was published Mar 11, 2022
Ericsson Network Manager 20.2 has Insecure Permissions. Moderate Unreviewed
CVE-2021-28488 was published Mar 11, 2022
One of the API in Mattermost version 6.3.0 and earlier fails to properly protect the permissions,... Moderate Unreviewed
CVE-2022-1003 was published Mar 19, 2022
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5... Moderate Unreviewed
CVE-2021-38926 was published Dec 10, 2021
In ic_startRetrieveEntryValue of acropora/app/identity/ic.c, there is a possible bypass of... Moderate Unreviewed
CVE-2021-39643 was published Dec 16, 2021
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.11 before 14... Moderate Unreviewed
CVE-2021-39931 was published Dec 14, 2021
Windows Mobile Device Management Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2021-43880 was published Dec 16, 2021
In Telecomm, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2021-39778 was published Mar 31, 2022
IBM SterlingPartner Engagement Manager 6.2.0 could allow a malicious user to elevate their... Moderate Unreviewed
CVE-2022-22328 was published Apr 2, 2022
Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability.... Moderate Unreviewed
CVE-2021-36293 was published Apr 9, 2022
Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability.... Moderate Unreviewed
CVE-2021-36290 was published Apr 9, 2022
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed
CVE-2022-20782 was published Apr 7, 2022
StorageGRID (formerly StorageGRID Webscale) versions 11.5 prior to 11.5.0.5 are susceptible to a... Moderate Unreviewed
CVE-2021-27006 was published Dec 24, 2021
Dell PowerScale OneFS, versions 8.2.0-9.3.0, contains an Improper Handling of Insufficient... Moderate Unreviewed
CVE-2022-23160 was published Apr 13, 2022
Insufficient control flow management in the firmware for some Intel(R) Processors may allow a... Moderate Unreviewed
CVE-2021-0103 was published Feb 11, 2022
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex... Moderate Unreviewed
CVE-2022-23702 was published Apr 13, 2022
A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file... Moderate Unreviewed
CVE-2021-20208 was published May 24, 2022
An issue was discovered in Delta RM 1.2. Using an privileged account, it is possible to edit,... Moderate Unreviewed
CVE-2021-44840 was published Jan 19, 2022
An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions... Moderate Unreviewed
CVE-2020-12527 was published May 24, 2022
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to priviledge escalation where a... Moderate Unreviewed
CVE-2021-29824 was published Apr 23, 2022
SAP startservice - of SAP NetWeaver Application Server ABAP, Application Server Java, ABAP... Moderate Unreviewed
CVE-2022-29614 was published Jun 15, 2022
ProTip! Advisories are also available from the GraphQL API