GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
1,874 advisories
Aethon TUG Home Base Server versions prior to version 24 are affected by an unauthenticated...
High · Unreviewed · CVE-2022-1070 was published Oct 21, 2022

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, allows a remote attacker...
High · Unreviewed · CVE-2020-8975 was published Oct 18, 2022

Under certain conditions an authenticated attacker can get access to OS credentials. Getting...
High · Unreviewed · CVE-2022-39013 was published Oct 12, 2022

Unauthenticated Sensitive Information Disclosure vulnerability in Customer Reviews for...
High · Unreviewed · CVE-2022-40194 was published Sep 25, 2022

An isolated local disclosure of information and potential isolated local arbitrary code execution...
High · Unreviewed · CVE-2022-28638 was published Sep 21, 2022

Parse Server vulnerable to brute force guessing of user sensitive data via search patterns
High · CVE-2022-36079 was published for parse-server (npm) Sep 16, 2022

On Linksys E5350 WiFi Router with firmware version 1.0.00.037 and lower, (and potentially other...
High · Unreviewed · CVE-2022-35572 was published Sep 13, 2022

The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190...
High · Unreviewed · CVE-2022-2739 was published Sep 2, 2022

A vulnerability was found in the Linux kernel, where an information leak occurs via...
High · Unreviewed · CVE-2022-0850 was published Aug 29, 2022

ZK Framework vulnerable to malicious POST
High · CVE-2022-36537 was published for org.zkoss.zk:zk (Maven) Aug 27, 2022

There are two Information Disclosure vulnerabilities in colord, and they lie in colord/src/cd...
High · Unreviewed · CVE-2021-42523 was published Aug 26, 2022

There is an Information Disclosure vulnerability in anjuta/plugins/document-manager/anjuta...
High · Unreviewed · CVE-2021-42522 was published Aug 26, 2022

A flaw was found in the Linux kernel's memory deduplication mechanism. Previous work has shown...
High · Unreviewed · CVE-2021-3714 was published Aug 24, 2022

A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak...
High · Unreviewed · CVE-2021-3800 was published Aug 24, 2022

Tabit - giftcard stealth. Several APIs on the web system display, without authorization,...
High · Unreviewed · CVE-2022-34776 was published Aug 23, 2022

HTTP applications (servers) based on Crow through 1.0+4 may reveal potentially sensitive data...
High · Unreviewed · CVE-2022-38668 was published Aug 23, 2022

A vulnerability has been identified in Simcenter STAR-CCM+ (All versions only if the Power-on...
High · Unreviewed · CVE-2022-34659 was published Aug 11, 2022

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive...
High · Unreviewed · CVE-2022-35715 was published Aug 11, 2022

Under certain conditions SAP Authenticator for Android allows an attacker to access information...
High · Unreviewed · CVE-2022-35290 was published Aug 11, 2022

An information disclosure vulnerability exists in the confctl_get_master_wlan functionality of...
High · Unreviewed · CVE-2022-27630 was published Aug 6, 2022

An information disclosure vulnerability exists in the confctl_get_guest_wlan functionality of TCL...
High · Unreviewed · CVE-2022-27633 was published Aug 6, 2022

Exposure of sensitive information to an unauthorized actor vulnerability in web server in...
High · Unreviewed · CVE-2022-27614 was published Jul 29, 2022

In the WeChat application 8.0.10 for Android and iOS, a mini program can obtain sensitive...
High · Unreviewed · CVE-2021-40180 was published Jul 27, 2022

Slack Morphism for Rust before 0.41.0 can leak Slack OAuth client information in application debug logs
High · CVE-2022-31162 was published for slack-morphism (Rust) Jul 20, 2022

Digital Watchdog DW Spectrum Server 4.2.0.32842 allows attackers to access sensitive information...
High · Unreviewed · CVE-2022-34534 was published Jul 20, 2022