GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
1,874 advisories
An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by...
Severity: High. Unreviewed. CVE-2022-27775 was published on Jun 3, 2022.

Packing does not respect root-level ignore files in workspaces
Severity: High. CVE-2022-29244 was published for npm (npm) on Jun 2, 2022.

Phoenix-ws source code and data in extensions folder is publicly available
Severity: High. GHSA-c8f7-x2g7-7fxj was published for phoenix-ws (pip) on Jun 2, 2022.

Ansible Exposes Sensitive Information
Severity: High. CVE-2021-20228 was published for ansible (pip) on May 25, 2022.

Cross-domain cookie leakage in Guzzle
Severity: High. CVE-2022-29248 was published for guzzlehttp/guzzle (Composer) on May 25, 2022.

When visiting a site running Web-Stat < 1.4.0, the "wts_web_stat_load_init" function used the...
Severity: High. Unreviewed. CVE-2021-24167 was published on May 24, 2022.

The AJAX action, wp_ajax_ninja_forms_sendwp_remote_install_handler, did not have a capability...
Severity: High. Unreviewed. CVE-2021-24163 was published on May 24, 2022.

An information disclosure vulnerability exists in SAP GUI for Windows - versions < 7.60 PL13, 7...
Severity: High. Unreviewed. CVE-2021-40503 was published on May 24, 2022.

A vulnerability in the Private Internet Access (PIA) VPN Client for Linux 1.5 through 2.3+ allows...
Severity: High. Unreviewed. CVE-2020-15590 was published on May 24, 2022.

Boa 0.94.13 allows remote attackers to obtain sensitive information via a misconfiguration...
Severity: High. Unreviewed. CVE-2021-33558 was published on May 24, 2022.

Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Information Exposure...
Severity: High. Unreviewed. CVE-2019-7941 was published on May 24, 2022.

Linear eMerge E3-Series devices allow Authorization Bypass with Information Disclosure.
Severity: High. Unreviewed. CVE-2019-7259 was published on May 24, 2022.

Arbitrary Read in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or denial of service.
Severity: High. Unreviewed. CVE-2020-12899 was published on May 24, 2022.

Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if...
Severity: High. Unreviewed. CVE-2021-42773 was published on May 24, 2022.

The Simple Download Monitor WordPress plugin before 3.9.6 saves logs in a predictable location,...
Severity: High. Unreviewed. CVE-2021-24695 was published on May 24, 2022.

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to...
Severity: High. Unreviewed. CVE-2021-41305 was published on May 24, 2022.

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to...
Severity: High. Unreviewed. CVE-2021-41306 was published on May 24, 2022.

An issue was discovered in Zammad before 4.1.1. The REST API discloses sensitive information.
Severity: High. Unreviewed. CVE-2021-42089 was published on May 24, 2022.

Gila CMS 2.2.0 is vulnerable to Insecure Direct Object Reference (IDOR). Thumbnails uploaded by...
Severity: High. Unreviewed. CVE-2021-37777 was published on May 24, 2022.

Gradle Enterprise before 2021.1.3 can allow unauthorized viewing of a response (information...
Severity: High. Unreviewed. CVE-2021-41584 was published on May 24, 2022.

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could disclose sensitive...
Severity: High. Unreviewed. CVE-2021-29825 was published on May 24, 2022.

Information leakage vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
Severity: High. Unreviewed. CVE-2021-22527 was published on May 24, 2022.

An information disclosure issue was addressed by removing the vulnerable code. This issue is...
Severity: High. Unreviewed. CVE-2021-30790 was published on May 24, 2022.

A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exist in...
Severity: High. Unreviewed. CVE-2021-22793 was published on May 24, 2022.

An information disclosure vulnerability exists in the Friend finder functionality of GmbH Komoot...
Severity: High. Unreviewed. CVE-2021-21823 was published on May 24, 2022.

ProTip! Advisories are also available from the GraphQL API.