Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,519
Maven
5,000+
npm
4,156
NuGet
736
pip
3,956
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,336 advisories

Loading
A potential security vulnerability has been identified in the HP Jumpstart software, which might... High Unreviewed
CVE-2022-1038 was published Dec 12, 2022
Multiple SEIKO EPSON printer drivers for Windows OS are configured with an improper access... High Unreviewed
CVE-2025-42598 was published Apr 28, 2025
A privilege escalation vulnerability is identified in Ivanti EPM (LANDesk Management Suite) that... Critical Unreviewed
CVE-2022-27773 was published Dec 6, 2022
An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to... Critical Unreviewed
CVE-2022-44929 was published Dec 2, 2022
RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4.8.5, 4.9 through 4.9.12,... High Unreviewed
CVE-2022-46382 was published Dec 6, 2022
In sOpAllowSystemRestrictionBypass of AppOpsManager.java, there is a possible leak of location... Low Unreviewed
CVE-2022-20240 was published Dec 13, 2022
In getEnabledAccessibilityServiceList of AccessibilityManager.java, there is a possible way to... High Unreviewed
CVE-2022-20495 was published Dec 13, 2022
In test of ResetTargetTaskHelper.java, there is a possible hijacking of any app which sets... High Unreviewed
CVE-2022-20475 was published Dec 13, 2022
In readLazyValue of Parcel.java, there is a possible loading of arbitrary code into the System... High Unreviewed
CVE-2022-20474 was published Dec 13, 2022
In getNearbyAppStreamingPolicy of DevicePolicyManagerService.java, there is a missing permission... Moderate Unreviewed
CVE-2022-20511 was published Dec 20, 2022
Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions for the installation... High Unreviewed
CVE-2016-6914 was published May 13, 2022
MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices allow remote... High Unreviewed
CVE-2017-16522 was published May 13, 2022
HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.24 uses weak... High Unreviewed
CVE-2017-11741 was published May 13, 2022
Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 uses weak permissions ... High Unreviewed
CVE-2017-11156 was published May 13, 2022
Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an... High Unreviewed
CVE-2017-8625 was published May 13, 2022
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). ... High Unreviewed
CVE-2025-30706 was published Apr 15, 2025
When installing Nessus to a non-default location on a Windows host, Nessus versions prior to 10.8... High Unreviewed
CVE-2025-24914 was published Apr 18, 2025
Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted... High Unreviewed
CVE-2022-29909 was published Dec 22, 2022
Vulnerability in the RAS Security component of Oracle Database Server. Supported versions that... High Unreviewed
CVE-2025-30701 was published Apr 15, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330... Critical Unreviewed
CVE-2025-27682 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed
CVE-2025-27677 was published Mar 5, 2025
When saving or opening an email attachment on macOS, Thunderbird did not set attribute com.apple... High Unreviewed
CVE-2022-3155 was published Dec 22, 2022
fal_sftp extension for TYPO3 uses weak permissions for sFTP driver files and folders Moderate
CVE-2014-8327 was published for co-stack/fal_sftp (Composer) May 17, 2022
An issue was discovered in Illumos in Nexenta NexentaStor 4.0.5 and 5.1.2, and other products.... High Unreviewed
CVE-2019-9579 was published Dec 26, 2022
The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and... High Unreviewed
CVE-2016-5425 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database