Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

3,397 advisories

Loading
Micro-Star International (MSI) Center <= 1.0.31.0 is vulnerable to multiple Privilege Escalation... High Unreviewed
CVE-2021-44899 was published Feb 9, 2022
Micro-Star International (MSI) Center Pro <= 2.0.16.0 is vulnerable to multiple Privilege... High Unreviewed
CVE-2021-44903 was published Feb 9, 2022
Privilege escalation vulnerability in the Self-Defense driver of Avast Antivirus prior to 20.8... High Unreviewed
CVE-2021-45337 was published Dec 28, 2021
A non-admin user with user management permission can escalate his privilege to admin user via... High Unreviewed
CVE-2022-22572 was published Apr 12, 2022
In executeRequest of OverlayManagerService.java, there is a possible way to control fabricated... High Unreviewed
CVE-2021-39630 was published Jan 15, 2022
Insufficient control flow management in the firmware for some Intel(R) Processors may allow a... Moderate Unreviewed
CVE-2021-0103 was published Feb 11, 2022
Insufficient compartmentalization in HECI subsystem for the Intel(R) SPS before versions... High Unreviewed
CVE-2021-0060 was published Feb 11, 2022
In jit_memory_region.cc, there is a possible bypass of memory restrictions due to a logic error... High Unreviewed
CVE-2021-0959 was published Jan 15, 2022
In multiple methods of EuiccNotificationManager.java, there is a possible way to install existing... High Unreviewed
CVE-2021-39618 was published Jan 15, 2022
In updatePackageMappingsData of UsageStatsService.java, there is a possible way to bypass... High Unreviewed
CVE-2021-39619 was published Feb 12, 2022
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex... Moderate Unreviewed
CVE-2022-23702 was published Apr 13, 2022
The Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.1-12 didn’t mimic the... High Unreviewed
CVE-2021-3100 was published Apr 21, 2022
In change_pte_range of mprotect.c , there is a possible way to make a shared mmap writable due to... High Unreviewed
CVE-2021-39802 was published Apr 13, 2022
CyberArk Endpoint Privilege Manager (EPM) through 11.5.3.328 before 2021-12-20 allows a local... High Unreviewed
CVE-2021-44049 was published Jan 16, 2022
Escalation of privileges vulnerability in Micro Focus in Micro Focus Operations Agent, affecting... Low Unreviewed
CVE-2021-38129 was published Jan 26, 2022
In <TBD> of <TBD>, there is a possible bypass of Factory Reset Protection due to <TBD>. This... High Unreviewed
CVE-2021-39678 was published Jan 15, 2022
In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions... High Unreviewed
CVE-2021-39627 was published Jan 15, 2022
An Improper Privilege Management vulnerability in the Windows Installer framework used in the... High Unreviewed
CVE-2022-22187 was published Apr 15, 2022
Chamilo LMS v1.11.13 lacks validation on the user modification form, allowing attackers to... High Unreviewed
CVE-2022-27421 was published Apr 16, 2022
Improper access control in the firmware for some Intel(R) Processors may allow an unauthenticated... High Unreviewed
CVE-2021-0091 was published Feb 11, 2022
Incomplete fix for CVE-2021-3100. The Apache Log4j hotpatch package starting with log4j-cve-2021... High Unreviewed
CVE-2022-0070 was published Apr 21, 2022
A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file... Moderate Unreviewed
CVE-2021-20208 was published May 24, 2022
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11... High Unreviewed
CVE-2021-20264 was published May 24, 2022
Malicious HTML+XHR Artifact Privilege Escalation in Argo Workflows High
CVE-2022-29164 was published for github.com/argoproj/argo-workflows/v3 (Go) May 23, 2022
alexec
A link following privilege escalation vulnerability in Trend Micro Apex One (on-prem and SaaS)... High Unreviewed
CVE-2021-45231 was published Jan 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database