Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,139 advisories

Loading
ISPConfig 3.0.4.3: the "Add new Webdav user" can chmod and chown entire server from client... Critical Unreviewed
CVE-2012-2087 was published Apr 23, 2022
Improper Access Control in Shopware High
CVE-2022-24872 was published for shopware/core (Composer) Apr 22, 2022
NilsEvers
Struts ParameterInterceptor vulnerability allows remote command execution Critical
CVE-2011-3923 was published for org.apache.struts:struts2-core (Maven) Apr 22, 2022
On version 2.x before 2.0.3 and 1.x before 1.12.3, the command line restriction that controls... Moderate Unreviewed
CVE-2021-23055 was published Apr 22, 2022
A missing permission check was found in The CLI in JBoss Operations Network before 2.3.1 does not... High Unreviewed
CVE-2010-0737 was published Apr 21, 2022
The affected product is vulnerable to misconfigured binaries, allowing users on the target PC... Moderate Unreviewed
CVE-2021-38483 was published Apr 21, 2022
Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications ... Moderate Unreviewed
CVE-2022-21475 was published Apr 20, 2022
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code... High Unreviewed
CVE-2022-22958 was published Apr 14, 2022
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege... High Unreviewed
CVE-2022-22960 was published Apr 14, 2022
A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1... High Unreviewed
CVE-2022-23448 was published Apr 13, 2022
In multiple locations of MediaProvider.java , there is a possible way to get read/write access to... High Unreviewed
CVE-2021-39795 was published Apr 13, 2022
A local privilege escalation vulnerability caused by incorrect permission assignment in some... High Unreviewed
CVE-2022-0556 was published Apr 12, 2022
ZeroTierOne for windows local privilege escalation because of incorrect directory privilege in... High Unreviewed
CVE-2022-1316 was published Apr 12, 2022
The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system... High Unreviewed
CVE-2022-22516 was published Apr 8, 2022
Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated... High Unreviewed
CVE-2022-26250 was published Apr 7, 2022
Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a... Moderate Unreviewed
CVE-2022-0803 was published Apr 6, 2022
BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue. High Unreviewed
CVE-2022-26281 was published Apr 6, 2022
SimpleMachinesForum 2.1.1 and earlier allows remote authenticated administrators to execute... High Unreviewed
CVE-2022-26982 was published Apr 6, 2022
In RuoYi v4.7.2 through the WebUI, user test1 does not have permission to reset the password of... Moderate Unreviewed
CVE-2022-23869 was published Mar 31, 2022
Missing permission check in Jenkins JiraTestResultReporter Plugin Moderate
CVE-2022-28137 was published for org.jenkins-ci.plugins:JiraTestResultReporter (Maven) Mar 30, 2022
NotMyFault
SaltStack Salt Permissions Bypass High
CVE-2022-22941 was published for salt (pip) Mar 30, 2022
An insecure permissions vulnerability in Snapt Aria v12.8 allows unauthenticated attackers to... Low Unreviewed
CVE-2022-24236 was published Mar 22, 2022
The matchmaking servers of Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allow... High Unreviewed
CVE-2022-24125 was published Mar 21, 2022
TMS v2.28.0 contains an insecure permissions vulnerability via the component /TMS/admin/user... Moderate Unreviewed
CVE-2022-26247 was published Mar 21, 2022
A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4,... Moderate Unreviewed
CVE-2020-15388 was published Mar 19, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database