Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,743
Erlang
35
GitHub Actions
29
Go
2,315
Maven
5,000+
npm
3,949
NuGet
711
pip
3,729
Pub
12
RubyGems
920
Rust
965
Swift
38
Unreviewed advisories
All unreviewed
5,000+

106 advisories

Loading
Nagios XI before 5.8.5 has Incorrect Permission Assignment for migrate.php. Critical Unreviewed
CVE-2021-36363 was published May 24, 2022
Nagios XI before 5.8.5 has Incorrect Permission Assignment for repairmysql.sh. Critical Unreviewed
CVE-2021-36365 was published May 24, 2022
There is a vulnerability of tampering with the kernel in Huawei Smartphone.Successful... Critical Unreviewed
CVE-2021-36990 was published May 24, 2022
There is a Kernel crash vulnerability in Huawei Smartphone.Successful exploitation of this... Critical Unreviewed
CVE-2021-36989 was published May 24, 2022
Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 have an... Critical Unreviewed
CVE-2022-33175 was published Jun 14, 2022
When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation... Critical Unreviewed
CVE-2022-32207 was published Jul 8, 2022
The application security module has a vulnerability in permission assignment. Successful... Critical Unreviewed
CVE-2022-34737 was published Jul 13, 2022
The AOD module has a vulnerability in permission assignment. Successful exploitation of this... Critical Unreviewed
CVE-2022-37003 was published Aug 11, 2022
Authentication bypass for the Open AMT Cloud Toolkit software maintained by Intel(R) before... Critical Unreviewed
CVE-2022-25899 was published Aug 19, 2022
influxData influxDB before v1.8.10 contains no authentication mechanism or controls, allowing... Critical Unreviewed
CVE-2022-36640 was published Sep 3, 2022
TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable to Insecure Permissions... Critical Unreviewed
CVE-2022-40109 was published Sep 7, 2022
Weak File and Folder Permissions vulnerability in CLUSTERPRO X 5.0 for Windows and earlier,... Critical Unreviewed
CVE-2022-34824 was published Nov 9, 2022
An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to... Critical Unreviewed
CVE-2022-44929 was published Dec 2, 2022
A privilege escalation vulnerability is identified in Ivanti EPM (LANDesk Management Suite) that... Critical Unreviewed
CVE-2022-27773 was published Dec 6, 2022
Potential security vulnerabilities have been identified in an OMEN Gaming Hub SDK package which... Critical Unreviewed
CVE-2021-3437 was published Dec 12, 2022
A vulnerability has been found in trampgeek jobe up to 1.6.4 and classified as problematic. This... Critical Unreviewed
CVE-2021-4297 was published Jan 1, 2023
A 2-Step Verification problem in Axigen 10.3.3.52 allows an attacker to access a mailbox by... Critical Unreviewed
CVE-2023-23566 was published Jan 13, 2023
An issue in ttyd v.1.6.3 allows attacker to execute arbitrary code via default configuration... Critical Unreviewed
CVE-2021-34182 was published Feb 17, 2023
Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a... Critical Unreviewed
CVE-2023-26918 was published Apr 14, 2023
Rancher Webhook is misconfigured during upgrade process Critical
CVE-2023-22651 was published for github.com/rancher/rancher (Go) Apr 24, 2023
pjbgf
An issue was discovered in GeoVision GV-Edge Recording Manager 2.2.3.0 for windows, which... Critical Unreviewed
CVE-2023-23059 was published May 4, 2023
SolarView Compact <= 6.0 is vulnerable to Insecure Permissions. Any file on the server can be... Critical Unreviewed
CVE-2023-29919 was published May 23, 2023
SoLive 1.6.14 thru 1.6.20 for Android exists exposed component, the component provides the method... Critical Unreviewed
CVE-2023-29732 was published May 30, 2023
A privilege escalation allowing remote code execution was discovered in the orchestration service. Critical Unreviewed
CVE-2023-2530 was published Jun 7, 2023
Marval MSM through 14.19.0.12476 and 15.0 has a System account with default credentials. A remote... Critical Unreviewed
CVE-2023-33282 was published Jun 7, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database