GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,874 advisories
This issue was addressed with improved state management. This issue is fixed in Apple Music 3.9...
High | Unreviewed | CVE-2022-32836 was published on Feb 27, 2023

RosarioSIS Improper Access Control vulnerability
High | CVE-2023-0994 was published for francoisjacquet/rosariosis (Composer) on Feb 24, 2023

Codiad information disclosure vulnerability
High | CVE-2017-20178 was published for codiad/codiad (Composer) on Feb 21, 2023

IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allowing a non-tenant user with...
High | Unreviewed | CVE-2022-34351 was published on Feb 17, 2023

User data in TPM attestation vulnerable to MITM
High | GHSA-r2h5-3hgw-8j34 was published for github.com/edgelesssys/constellation/v2 (Go) on Feb 17, 2023

IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to information Disclosure...
High | Unreviewed | CVE-2022-43927 was published on Feb 17, 2023

IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could allow a remote attacker to obtain sensitive...
High | Unreviewed | CVE-2022-41734 was published on Feb 17, 2023

IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to an Information...
High | Unreviewed | CVE-2022-43930 was published on Feb 17, 2023

SAP BusinessObjects Business Intelligence platform - versions 420, 430, allows an authenticated...
High | Unreviewed | CVE-2023-0020 was published on Feb 14, 2023

WALLIX Access Manager 3.x through 4.0.x allows a remote attacker to access sensitive information.
High | Unreviewed | CVE-2023-23592 was published on Feb 10, 2023

Sensitive Information leak via Script File in TinaCMS
High | CVE-2023-25164 was published for @tinacms/cli (npm) on Feb 8, 2023

NVS365 V01 is vulnerable to Incorrect Access Control. After entering a wrong password, the url...
High | Unreviewed | CVE-2022-47070 was published on Feb 3, 2023

A vulnerability was found in BDCOM 1704-WGL 2.0.6314. It has been classified as critical. This...
High | Unreviewed | CVE-2023-0659 was published on Feb 3, 2023

A vulnerability, which was classified as critical, was found in Multilaser RE057 and RE170 2.1/2...
High | Unreviewed | CVE-2023-0658 was published on Feb 3, 2023

A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive...
High | Unreviewed | CVE-2021-22786 was published on Feb 1, 2023

BTCPay Server 1.3.0 through 1.5.3 allows a remote attacker to obtain sensitive information when a...
High | Unreviewed | CVE-2022-32984 was published on Feb 1, 2023

Plaintext storage of sensitive data in Rancher API and cluster.management.cattle.io objects
High | CVE-2022-43757 was published for github.com/rancher/rancher (Go) on Jan 25, 2023

An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The action...
High | Unreviewed | CVE-2022-45925 was published on Jan 18, 2023

IBM QRadar SIEM 7.4 and 7.5 copies certificate key files used for SSL/TLS in the QRadar web user...
High | Unreviewed | CVE-2023-22875 was published on Jan 17, 2023

In freeradius, the EAP-PWD function compute_password_element() leaks information about the...
High | Unreviewed | CVE-2022-41859 was published on Jan 17, 2023

RONDS EPM version 1.19.5 has a vulnerability in which a function could allow unauthenticated...
High | Unreviewed | CVE-2022-3091 was published on Jan 17, 2023

Gitops Run insecure communication
High | CVE-2022-23509 was published for github.com/weaveworks/weave-gitops (Go) on Jan 9, 2023

A vulnerability was found in Netis Netcore Router. It has been declared as problematic. Affected...
High | Unreviewed | CVE-2023-0113 was published on Jan 7, 2023

Information disclosure due to an insecure hostname validation in the RYDE application 5.8.43 for...
High | Unreviewed | CVE-2022-42979 was published on Jan 6, 2023

A vulnerability was found in Evolution Events Artaxerxes. It has been declared as problematic....
High | Unreviewed | CVE-2022-4869 was published on Jan 5, 2023
ProTip! Advisories are also available from the GraphQL API.