Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,992 advisories

Loading
An access control issue in hprms/admin/?page=user/list of Hospital Patient Record Management... High Unreviewed
CVE-2022-22854 was published Feb 15, 2022
Improper Privilege Management in Snipe-IT Moderate
CVE-2022-0579 was published for snipe/snipe-it (Composer) Feb 15, 2022
In system service, there is a possible permission bypass due to a missing permission check. This... High Unreviewed
CVE-2022-20024 was published Feb 11, 2022
In Bluetooth, there is a possible escalation of privilege due to a missing permission check. This... High Unreviewed
CVE-2022-20043 was published Feb 11, 2022
In Bluetooth, there is a possible escalation of privilege due to a missing permission check. This... High Unreviewed
CVE-2022-20041 was published Feb 11, 2022
SAP ERP HCM Portugal - versions 600, 604, 608, does not perform necessary authorization checks... Moderate Unreviewed
CVE-2022-22535 was published Feb 11, 2022
A CWE-862: Missing Authorization vulnerability exists that could cause information exposure when... High Unreviewed
CVE-2022-24317 was published Feb 11, 2022
Improper Access Control in infinispan-server-runtime Moderate
CVE-2020-25711 was published for org.infinispan:infinispan-core (Maven) Feb 9, 2022
Missing authorization in xwiki-platform Moderate
CVE-2022-23621 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Feb 9, 2022
Missing authorization in xwiki-platform Moderate
CVE-2022-23617 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Feb 9, 2022
The SupportCandy WordPress plugin before 2.2.5 does not have authorisation and CRSF checks in its... Moderate Unreviewed
CVE-2021-24839 was published Feb 8, 2022
The IP2Location Country Blocker WordPress plugin before 2.26.5 does not have authorisation and... High Unreviewed
CVE-2021-25095 was published Feb 8, 2022
The Advanced Cron Manager WordPress plugin before 2.4.2, advanced-cron-manager-pro WordPress... Moderate Unreviewed
CVE-2021-25084 was published Feb 8, 2022
The Ultimate Product Catalog WordPress plugin before 5.0.26 does not have authorisation and CSRF... Moderate Unreviewed
CVE-2021-24993 was published Feb 8, 2022
The Link Library WordPress plugin before 7.2.8 does not have authorisation in place when deleting... High Unreviewed
CVE-2021-25093 was published Feb 2, 2022
Missing authentication in ShenYu High
CVE-2022-23945 was published for org.apache.shenyu:shenyu-common (Maven) Jan 28, 2022
tdunlap607
Missing authentication in ShenYu Critical
CVE-2022-23944 was published for org.apache.shenyu:shenyu-common (Maven) Jan 28, 2022
tdunlap607
Single Connect does not perform an authorization check when using the "log-monitor" module. A... Moderate Unreviewed
CVE-2021-44792 was published Jan 28, 2022
Single Connect does not perform an authorization check when using the sc-reports-ui" module. A... High Unreviewed
CVE-2021-44793 was published Jan 28, 2022
Single Connect does not perform an authorization check when using the "sc-diagnostic-ui" module.... Moderate Unreviewed
CVE-2021-44794 was published Jan 28, 2022
Single Connect does not perform an authorization check when using the "sc-assigned-credential-ui"... High Unreviewed
CVE-2021-44795 was published Jan 28, 2022
Missing Authorization in Crater Invoice Moderate
CVE-2022-0203 was published for bytefury/crater (Composer) Jan 27, 2022
Improper Access Control in snipe-it Moderate
CVE-2022-0178 was published for snipe/snipe-it (Composer) Jan 26, 2022
The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib... High Unreviewed
CVE-2021-24906 was published Jan 25, 2022
The Ultimate FAQ WordPress plugin before 2.1.2 does not have capability and CSRF checks in the... Moderate Unreviewed
CVE-2021-24968 was published Jan 25, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database