GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,611
Composer 5,007
Erlang 39
GitHub Actions 38
Go 2,638
Maven 6,105
npm 4,263
NuGet 760
pip 4,058
Pub 12
RubyGems 956
Rust 1,056
Swift 45

Unreviewed advisories

All unreviewed 276,969

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

9,971 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Exposure of Sensitive Information to an Unauthorized Actor Moderate

CVE-2021-32712 was published for shopware/shopware (Composer) Sep 8, 2021

Accounted time is shown in the Ticket Detail View (External Interface), even if ExternalFrontend:... Moderate Unreviewed

CVE-2022-1004 was published Mar 22, 2022

IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 and IBM Business Process Manager 8.5... Moderate Unreviewed

CVE-2021-39046 was published Mar 19, 2022

This issue was addressed with improved checks. This issue is fixed in tvOS 15.4, iOS 15.4 and... Moderate Unreviewed

CVE-2022-22621 was published Mar 19, 2022

Bluedon Information Security Technologies Co.,Ltd Internet Access Detector v1.0 was discovered to... High Unreviewed

CVE-2022-25571 was published Mar 25, 2022

The Reporting module in Aseco Lietuva document management system DVS Avilys before 2022-03-10... High Unreviewed

CVE-2022-27192 was published Mar 25, 2022

Unspecified vulnerability in the mod_mono module for XSP in Mono 2.8.x before 2.8.2 allows remote... Moderate Unreviewed

CVE-2010-4225 was published May 17, 2022

Photos in Apple iOS before 4.2 enables support for HTTP Basic Authentication over an unencrypted... Moderate Unreviewed

CVE-2010-3831 was published May 17, 2022

admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to obtain sensitive... Moderate Unreviewed

CVE-2010-4349 was published May 17, 2022

SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to trigger TCP connections to... Moderate Unreviewed

CVE-2010-3982 was published May 17, 2022

HP Asset Manager 9.40 and 9.41 before 9.41.11103 P4-rev1 and 9.50 before 9.50.11925 P3 allows... Low Unreviewed

CVE-2015-5448 was published May 17, 2022

ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an... Moderate Unreviewed

CVE-2015-5781 was published May 17, 2022

The Citibank Citi Mobile app before 2.0.3 for iOS stores account data in a file, which allows... Low Unreviewed

CVE-2010-2913 was published May 17, 2022

The Sandbox_profiles component in Apple iOS before 8.4.1 allows attackers to bypass the third... Moderate Unreviewed

CVE-2015-5749 was published May 17, 2022

The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A... High Unreviewed

CVE-2021-21980 was published Nov 25, 2021

An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to... Moderate Unreviewed

CVE-2022-0331 was published Mar 30, 2022

Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A... Moderate Unreviewed

CVE-2022-23158 was published Apr 2, 2022

Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A... Moderate Unreviewed

CVE-2022-23157 was published Apr 2, 2022

The Booking Package WordPress plugin before 1.5.29 requires a token for exporting the ical... High Unreviewed

CVE-2022-0709 was published Apr 5, 2022

The JobMonster Theme was vulnerable to Directory Listing in the /wp-content/uploads/jobmonster/... Moderate Unreviewed

CVE-2022-1166 was published Apr 5, 2022

It was observed that while login into Business-central console, HTTP request discloses sensitive... High Unreviewed

CVE-2019-14839 was published Apr 3, 2022

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in... Moderate Unreviewed

CVE-2021-43205 was published Apr 7, 2022

Apperta Foundation OpenEyes 3.5.1 allows remote attackers to view the sensitive information of... Moderate Unreviewed

CVE-2021-40375 was published Apr 7, 2022

Zoho ManageEngine ServiceDesk Plus before 13001 allows anyone to know the organisation's default... Moderate Unreviewed

CVE-2022-25245 was published Apr 6, 2022

The CCAgent option 9.0.8.4 and earlier in the management server (aka TSA) component in Alcatel... Moderate Unreviewed

CVE-2010-3280 was published May 17, 2022

Previous 1…4…399 Next

Previous 1 2 3 4 5 6 … 398 399 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

9,971 advisories