GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,481
NuGet
605
pip
3,049
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+
3,060 advisories
Filter by severity
The IBM Spectrum Protect 8.1.14.000 server could allow a remote attacker to bypass security...
High
Unreviewed
CVE-2022-22394
was published
Mar 22, 2022
certain VT-d IOMMUs may not work in shared page table mode For efficiency reasons, address...
High
Unreviewed
CVE-2021-28710
was published
Nov 22, 2021
One of the API in Mattermost version 6.3.0 and earlier fails to properly protect the permissions,...
Moderate
Unreviewed
CVE-2022-1003
was published
Mar 19, 2022
A logic issue was addressed with improved state management. This issue is fixed in iOS 15.4 and...
High
Unreviewed
CVE-2022-22639
was published
Mar 19, 2022
A privilege escalation vulnerability exists in the Windows version of installation for Advantech...
High
Unreviewed
CVE-2021-21910
was published
Dec 23, 2021
In NotificationStackScrollLayout of NotificationStackScrollLayout.java, there is a possible way...
High
Unreviewed
CVE-2021-0957
was published
Mar 17, 2022
In several functions of binder.c, there is a possible way to represent the wrong domain to...
High
Unreviewed
CVE-2021-39686
was published
Mar 17, 2022
A logic issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.3....
High
Unreviewed
CVE-2022-22665
was published
Mar 19, 2022
In multiple functions of odsign_main.cpp, there is a possible way to persist system attack due to...
High
Unreviewed
CVE-2021-39689
was published
Mar 17, 2022
In onUidStateChanged of AppOpsService.java, there is a possible way to access location without a...
High
Unreviewed
CVE-2021-39693
was published
Mar 17, 2022
'Long-term Data Archive Package' service implemented in the following Yokogawa Electric products...
High
Unreviewed
CVE-2022-22141
was published
Mar 12, 2022
Ericsson Network Manager 20.2 has Insecure Permissions.
Moderate
Unreviewed
CVE-2021-28488
was published
Mar 11, 2022
In ims service, there is a possible escalation of privilege due to a missing permission check....
High
Unreviewed
CVE-2022-20053
was published
Mar 11, 2022
An elevation of privilege vulnerability in the QNX Neutrino Kernel of affected versions of QNX...
High
Unreviewed
CVE-2021-32025
was published
Mar 11, 2022
The System Diagnosis service of MyASUS before 3.1.2.0 allows privilege escalation.
Critical
Unreviewed
CVE-2022-22814
was published
Mar 11, 2022
In preloader (usb), there is a possible permission bypass due to a missing proper image...
Moderate
Unreviewed
CVE-2022-20060
was published
Mar 11, 2022
In ims service, there is a possible unexpected application behavior due to incorrect privilege...
Moderate
Unreviewed
CVE-2022-20051
was published
Mar 11, 2022
In vpu, there is a possible escalation of privilege due to a missing permission check. This could...
Moderate
Unreviewed
CVE-2022-20049
was published
Mar 11, 2022
In (TBD) of (TBD), there is a possible way to boot with a hidden debug policy due to a missing...
High
Unreviewed
CVE-2021-39653
was published
Dec 16, 2021
katello Improper Privilege Management vulnerability
Moderate
CVE-2017-2662
was published
for
katello
(RubyGems)
May 13, 2022
H C Mingham-Smith Ltd - Tardis 2000 Privilege escalation.Version 1.6 is vulnerable to privilege...
High
Unreviewed
CVE-2022-39182
was published
Jan 12, 2023
Improper Privilege Management in org.apache.hadoop:hadoop-main
High
CVE-2018-11767
was published
for
org.apache.hadoop:hadoop-main
(Maven)
Mar 25, 2019
Improper Privilege Management in shelljs
Moderate
GHSA-64g7-mvw6-v9qj
was published
for
shelljs
(npm)
Jan 14, 2022
Privilege Escalation in Kubernetes
Critical
CVE-2018-1002105
was published
for
github.com/kubernetes/kubernetes
(Go)
Feb 15, 2022
Improper Privilege Management in HashiCorp Nomad
High
CVE-2021-3283
was published
for
github.com/hashicorp/nomad
(Go)
Jun 24, 2021
ProTip!
Advisories are also available from the
GraphQL API