GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,120
Composer 4,800
Erlang 36
GitHub Actions 29
Go 2,380
Maven 5,718
npm 4,005
NuGet 720
pip 3,805
Pub 12
RubyGems 927
Rust 986
Swift 38

Unreviewed advisories

All unreviewed 262,471

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,011 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Review Board: URL processing gives unauthorized users access to review lists Moderate Unreviewed

CVE-2013-4411 was published May 5, 2022

Permissions were not properly verified in the API on projects using version control in Git. This... Moderate Unreviewed

CVE-2022-1502 was published May 5, 2022

Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1... Moderate Unreviewed

CVE-2022-28782 was published May 4, 2022

The default configuration of the Security global settings on the Citrix NetScaler Access Gateway... Moderate Unreviewed

CVE-2009-2213 was published May 2, 2022

parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group)... Moderate Unreviewed

CVE-2009-0034 was published May 2, 2022

The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive... Moderate Unreviewed

CVE-2008-4577 was published May 2, 2022

dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes... Moderate Unreviewed

CVE-2008-0595 was published May 1, 2022

index.php in dirLIST before 0.1.1 allows remote attackers to list the contents of an excluded... Moderate Unreviewed

CVE-2007-3968 was published May 1, 2022

Raritan Dominion SX (DSX) Console Servers DSX16, DSX32, DSX4, DSX8, and DSXA-48 set (1) world... Moderate Unreviewed

CVE-2005-2136 was published May 1, 2022

In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot... Moderate Unreviewed

CVE-2022-23822 was published Apr 28, 2022

cups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which... Moderate Unreviewed

CVE-2012-6094 was published Apr 23, 2022

Tahoe-LAFS v1.3.0 through v1.8.2 could allow unauthorized users to delete immutable files in some... Moderate Unreviewed

CVE-2011-3617 was published Apr 22, 2022

OSIsoft PI Vision 2020 versions prior to 3.5.0 could disclose information to a user with... Moderate Unreviewed

CVE-2020-25167 was published Apr 19, 2022

Improper access controls in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and... Moderate Unreviewed

CVE-2020-25160 was published Apr 15, 2022

Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal ... Moderate Unreviewed

CVE-2021-28544 was published Apr 13, 2022

Improper access control in GitLab CE/EE versions 10.7 prior to 14.7.7, 10.8 prior to 14.8.5, and... Moderate Unreviewed

CVE-2022-1193 was published Apr 12, 2022

Information exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to... Moderate Unreviewed

CVE-2022-27575 was published Apr 12, 2022

Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.40.5 allows local... Moderate Unreviewed

CVE-2022-28542 was published Apr 12, 2022

Improper Access Control in GitHub repository phpipam/phpipam prior to 1.4.6. Moderate Unreviewed

CVE-2022-1223 was published Apr 5, 2022

Improper Authorization in GitHub repository phpipam/phpipam prior to 1.4.6. Moderate Unreviewed

CVE-2022-1224 was published Apr 5, 2022

The Amelia WordPress plugin before 1.0.49 does not have proper authorisation when managing... Moderate Unreviewed

CVE-2022-0825 was published Apr 5, 2022

The Material Design for Contact Form 7 WordPress plugin through 2.6.4 does not check... Moderate Unreviewed

CVE-2022-0404 was published Apr 5, 2022

The Amelia WordPress plugin before 1.0.48 does not have proper authorisation when handling Amelia... Moderate Unreviewed

CVE-2022-0837 was published Apr 5, 2022

An improper access control vulnerability in GitLab CE/EE affecting all versions from 13.11 prior... Moderate Unreviewed

CVE-2022-1105 was published Apr 5, 2022

Incorrect authorization in the Asana integration's branch restriction feature in all versions of... Moderate Unreviewed

CVE-2022-0740 was published Apr 5, 2022

Previous 1 2 … 35 36 37 38 39 40 41 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,011 advisories