Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,330
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

267 advisories

Loading
Luocms v2.0 is affected by an incorrect access control vulnerability. Through /admin/templates... Critical Unreviewed
CVE-2022-24609 was published Mar 11, 2022
EyouCMS v1.5.5 was discovered to have no access control in the component /data/sqldata. Critical Unreviewed
CVE-2022-26279 was published Mar 26, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14... Critical Unreviewed
CVE-2022-0735 was published Mar 29, 2022
An Access Control vulnerability exists in SoroushPlus+ Messenger 1.0.30 in the Lock Screen... Critical Unreviewed
CVE-2022-26629 was published Mar 25, 2022
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to access the... Critical Unreviewed
CVE-2021-39052 was published Dec 14, 2021
An Incorrect Access Control vulnerability exists in zzcms less than or equal to 2019 via admin... Critical Unreviewed
CVE-2021-43703 was published Dec 10, 2021
aEnrich a+HRD has inadequate privilege restrictions, an unauthenticated remote attacker can use... Critical Unreviewed
CVE-2022-26676 was published Apr 8, 2022
An incorrect access control issue at /admin/run_ajax.php in zbzcms v1.0 allows attackers to... Critical Unreviewed
CVE-2022-27128 was published Apr 11, 2022
An unauthorized file deletion vulnerability in Telesquare TLR-2855KS6 via DELETE method can allow... Critical Unreviewed
CVE-2021-46419 was published Apr 8, 2022
There is an arbitrary address access vulnerability with the product line test code.Successful... Critical Unreviewed
CVE-2021-39994 was published Feb 11, 2022
IBM Security Verify Access 10.0.0.0, 10.0.1.0 and 10.0.2.0 with the advanced access control... Critical Unreviewed
CVE-2021-39070 was published Feb 3, 2022
Joomla! Core is prone to a security bypass vulnerability. Exploiting this issue may allow... Critical Unreviewed
CVE-2010-1435 was published Apr 21, 2022
Depending on the configuration of the route permission table in file 'saprouttab', it is possible... Critical Unreviewed
CVE-2022-27668 was published Jun 15, 2022
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC)... Critical Unreviewed
CVE-2021-1577 was published May 24, 2022
An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip... Critical Unreviewed
CVE-2021-28506 was published Jan 15, 2022
WPS Hide Login 1.6.1 allows remote attackers to bypass a protection mechanism via post_password. Critical Unreviewed
CVE-2021-3332 was published May 24, 2022
An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR enables a remote... Critical Unreviewed
CVE-2021-3044 was published May 24, 2022
Tieline IP Audio Gateway 2.6.4.8 and below is affected by Incorrect Access Control. A... Critical Unreviewed
CVE-2021-35336 was published May 24, 2022
TrueStack Direct Connect 1.4.7 has Incorrect Access Control. Critical Unreviewed
CVE-2022-23775 was published May 26, 2022
A ZTE product is impacted by improper access control vulnerability. The attacker could exploit... Critical Unreviewed
CVE-2021-21730 was published May 24, 2022
There is an arbitrary password modification vulnerability in a D-LINK DSL-2888A router product.... Critical Unreviewed
CVE-2021-33346 was published May 24, 2022
Bonita Web 2021.2 is affected by a authentication/authorization bypass vulnerability due to an... Critical Unreviewed
CVE-2022-25237 was published Jun 3, 2022
The unofficial GLSL Linting extension before 1.4.0 for Visual Studio Code allows remote code... Critical Unreviewed
CVE-2021-30503 was published May 24, 2022
A vulnerability in the vae_admin_rule database table of vaeThink v1.0.1 allows attackers to... Critical Unreviewed
CVE-2020-19301 was published May 24, 2022
CODESYS V2 Web-Server before 1.1.9.20 has an Improperly Implemented Security Check. Critical Unreviewed
CVE-2021-30192 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database