Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,851
Erlang
36
GitHub Actions
35
Go
2,481
Maven
5,000+
npm
4,098
NuGet
734
pip
3,914
Pub
12
RubyGems
945
Rust
1,016
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,231 advisories

Loading
NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive,... Critical Unreviewed
CVE-2022-23227 was published Jan 15, 2022
The Bosch software tools AccessIPConfig.exe and AmcIpConfig.exe are used to configure certains... High Unreviewed
CVE-2021-23843 was published Jan 20, 2022
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component:... Critical Unreviewed
CVE-2021-35587 was published Jan 20, 2022
Improper Access Control in Onionshare Moderate
CVE-2022-21691 was published for onionshare-cli (pip) Jan 21, 2022
Fresenius Kabi Agilia Link + version 3.0 has a default configuration page accessible without... Moderate Unreviewed
CVE-2021-33843 was published Jan 22, 2022
USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute... High Unreviewed
CVE-2022-23220 was published Jan 22, 2022
This vulnerability allows network-adjacent attackers to disclose sensitive information on... Moderate Unreviewed
CVE-2021-34870 was published Jan 26, 2022
Missing authentication in ShenYu Critical
CVE-2022-23944 was published for org.apache.shenyu:shenyu-common (Maven) Jan 28, 2022
tdunlap607
Missing authentication in ShenYu High
CVE-2022-23945 was published for org.apache.shenyu:shenyu-common (Maven) Jan 28, 2022
tdunlap607
A specially crafted script could cause the DeltaV Distributed Control System Controllers (All... Moderate Unreviewed
CVE-2021-26264 was published Jan 29, 2022
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where a... Moderate Unreviewed
CVE-2022-21816 was published Feb 8, 2022
Improper Authentication in Apache ActiveMQ Moderate
CVE-2020-13920 was published for org.apache.activemq:activemq-parent (Maven) Feb 9, 2022
sunSUNQ
Remote code execution in Apache TomEE Critical
CVE-2020-13931 was published for org.apache.tomee:apache-tomee (Maven) Feb 9, 2022
A denial of service vulnerability exists in the Modbus configuration functionality of Sealevel... High Unreviewed
CVE-2021-21964 was published Feb 10, 2022
Authentication bypass in Apache Hadoop High
CVE-2018-11764 was published for org.apache.hadoop:hadoop-main (Maven) Feb 10, 2022
Improper Authentication in Apache Spark Critical
CVE-2020-9480 was published for org.apache.spark:spark-parent_2.11 (Maven) Feb 10, 2022
Missing Authentication for Critical Function in Apache TomEE High
CVE-2020-11969 was published for org.apache.tomee:tomee (Maven) Feb 10, 2022
In Mahara 21.04 before 21.04.3 and 21.10 before 21.10.1, portfolios created in groups that have... Moderate Unreviewed
CVE-2022-24111 was published Feb 11, 2022
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow... Moderate Unreviewed
CVE-2022-22809 was published Feb 11, 2022
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause... Critical Unreviewed
CVE-2021-22823 was published Feb 12, 2022
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause... Critical Unreviewed
CVE-2021-22805 was published Feb 12, 2022
The CMP WordPress plugin before 4.0.19 allows any user, even not logged in, may arbitrarily... Moderate Unreviewed
CVE-2022-0188 was published Feb 15, 2022
Denial of service in Grafana Moderate
CVE-2021-27358 was published for github.com/grafana/grafana (Go) Feb 15, 2022
Emerson OpenEnterprise versions through 3.3.4 may allow an attacker to run an arbitrary commands... Critical Unreviewed
CVE-2020-10640 was published Feb 25, 2022
The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business... Critical Unreviewed
CVE-2022-26143 was published Mar 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database