Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

984 advisories

Loading
In a Junos Fusion scenario an External Control of Critical State Data vulnerability in the... Moderate Unreviewed
CVE-2022-22154 was published Jan 20, 2022
An issue was discovered in Delta RM 1.2. It is possible for an unprivileged user to access the... Moderate Unreviewed
CVE-2021-44837 was published Jan 20, 2022
In all versions of GitLab CE/EE since version 12.0, a lower privileged user can import users from... Moderate Unreviewed
CVE-2021-39892 was published Jan 19, 2022
An issue was discovered in Delta RM 1.2. Using the /risque/risque/ajax-details endpoint, with a... Moderate Unreviewed
CVE-2021-44838 was published Jan 19, 2022
The broadcast that DevicePickerFragment sends when a new device is paired doesn't have any... Moderate Unreviewed
CVE-2021-1037 was published Jan 15, 2022
In StatusBar.java, there is a possible disclosure of notification content on the lockscreen due... Low Unreviewed
CVE-2021-39628 was published Jan 15, 2022
In gre_handle_offloads of ip_gre.c, there is a possible page fault due to an invalid memory... Moderate Unreviewed
CVE-2021-39633 was published Jan 15, 2022
In SAP NetWeaver AS for ABAP and ABAP Platform - versions 701, 702, 711, 730, 731, 740, 750, 751,... Moderate Unreviewed
CVE-2021-42067 was published Jan 15, 2022
Lack of validation for third party application accessing the service can lead to information... Moderate Unreviewed
CVE-2021-30314 was published Jan 14, 2022
Missing permission checks in SSH Agent Plugin allow enumerating credentials IDs Moderate
CVE-2022-20620 was published for org.jenkins-ci.plugins:ssh-agent (Maven) Jan 13, 2022
westonsteimel
Agent-to-controller security bypass in Jenkins Debian Package Builder Plugin High
CVE-2022-23118 was published for ru.yandex.jenkins.plugins.debuilder:debian-package-builder (Maven) Jan 13, 2022
westonsteimel
IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 as well as IBM Rational Team Concert 6... Moderate Unreviewed
CVE-2021-29701 was published Jan 12, 2022
Windows GDI+ Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21915. High Unreviewed
CVE-2022-21880 was published Jan 12, 2022
Windows GDI Information Disclosure Vulnerability. High Unreviewed
CVE-2022-21904 was published Jan 12, 2022
Windows GDI+ Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21880. Moderate Unreviewed
CVE-2022-21915 was published Jan 12, 2022
Remote Desktop Licensing Diagnoser Information Disclosure Vulnerability. Moderate Unreviewed
CVE-2022-21964 was published Jan 12, 2022
The affected product is vulnerable to an improper access control, which may allow an... Moderate Unreviewed
CVE-2021-23173 was published Jan 11, 2022
The distributed data service component has a vulnerability in data access control. Successful... High Unreviewed
CVE-2021-40005 was published Jan 11, 2022
In Beaver Builder through 2.5.0.3, attackers can bypass the visibility controls protection... Moderate Unreviewed
CVE-2021-42748 was published Jan 11, 2022
In Beaver Themer, attackers can bypass conditional logic controls (for hiding content) when... Moderate Unreviewed
CVE-2021-42749 was published Jan 11, 2022
SQL Injection in Apache Kylin Moderate
CVE-2021-36774 was published for org.apache.kylin:kylin (Maven) Jan 8, 2022
bookstack is vulnerable to Improper Access Control Moderate
CVE-2021-4194 was published for ssddanbrown/bookstack (Composer) Jan 8, 2022
Abomonation transmutes &T to and from &[u8] without sufficient constraints High
CVE-2021-45708 was published for abomonation (Rust) Jan 6, 2022
Improper handling of resource allocation in virtual machines can lead to information exposure in... Moderate Unreviewed
CVE-2021-1918 was published Jan 4, 2022
Improper access control while doing XPU re-configuration dynamically can lead to unauthorized... High Unreviewed
CVE-2021-30276 was published Jan 4, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database