Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

6,768 advisories

Loading
Under certain conditions SAP Business Objects Business Intelligence Platform - versions 420, 430,... Moderate Unreviewed
CVE-2022-24398 was published Mar 11, 2022
SPIP before 3.2.14 and 4.x before 4.0.5 allows unauthenticated access to information about... Moderate Unreviewed
CVE-2022-26847 was published Mar 11, 2022
IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 could disclose internal IP address... Moderate Unreviewed
CVE-2021-39025 was published Mar 11, 2022
HTTP caching is marking private HTTP headers as public in Shopware Moderate
CVE-2022-24747 was published for shopware/core (Composer) Mar 10, 2022
UlrichThomasGabor
Credited to UlrichThomasGabor
The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly... Moderate Unreviewed
CVE-2021-25009 was published Mar 8, 2022
The Video Conferencing with Zoom WordPress plugin before 3.8.17 does not have authorisation in... Moderate Unreviewed
CVE-2022-0384 was published Mar 8, 2022
Exposure of Sensitive Information to an Unauthorized Actor in httpie Moderate
CVE-2022-24737 was published for httpie (pip) Mar 7, 2022
A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory... Moderate Unreviewed
CVE-2021-3677 was published Mar 4, 2022
Exposure of home directory through shescape on Unix with Bash Moderate
CVE-2022-24725 was published for shescape (npm) Mar 3, 2022
An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE... Moderate Unreviewed
CVE-2022-22303 was published Mar 3, 2022
Zoho ManageEngine Desktop Central before 10.1.2137.8 exposes the installed server name to anyone.... Moderate Unreviewed
CVE-2022-23779 was published Mar 3, 2022
An issue was discovered in Zoho ManageEngine Key Manager Plus before 6200. A service exposed by... Moderate Unreviewed
CVE-2022-24447 was published Mar 3, 2022
Incorrect Authorization and Exposure of Sensitive Information to an Unauthorized Actor in scrapy Moderate
CVE-2022-0577 was published for scrapy (pip) Mar 1, 2022
ranjit-git
Credited to ranjit-git
The Yoast SEO WordPress plugin before 17.3 discloses the full internal path of featured images in... Moderate Unreviewed
CVE-2021-25118 was published Mar 1, 2022
The Customize WordPress Emails and Alerts WordPress plugin before 1.8.7 does not have... Moderate Unreviewed
CVE-2022-0345 was published Mar 1, 2022
All versions of FileCloud prior to 21.3 are vulnerable to user enumeration. The vulnerability... Moderate Unreviewed
CVE-2022-24633 was published Feb 25, 2022
All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink... Moderate Unreviewed
CVE-2021-44141 was published Feb 22, 2022
Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one... Moderate Unreviewed
CVE-2022-0708 was published Feb 22, 2022
A flaw was found in s390 eBPF JIT in bpf_jit_insn in arch/s390/net/bpf_jit_comp.c in the Linux... Moderate Unreviewed
CVE-2021-20320 was published Feb 19, 2022
Exposure of Sensitive Information to an Unauthorized Actor in LemMinX Moderate
CVE-2022-0672 was published for org.eclipse.lemminx:lemminx-parent (Maven) Feb 19, 2022
tdunlap607
Credited to tdunlap607
Exposure of Sensitive Information to an Unauthorized Actor in librenms Moderate
CVE-2022-0588 was published for librenms/librenms (Composer) Feb 16, 2022
Gitea Exposes Private Email Addresses Moderate
CVE-2018-1000803 was published for github.com/go-gitea/gitea (Go) Feb 15, 2022
Exposure of Sensitive Information to an Unauthorized Actor and Insertion of Sensitive Information Into Sent Data in Calico Moderate
CVE-2020-13597 was published for github.com/projectcalico/calico (Go) Feb 15, 2022
richardfan0606 luhring
Credited to richardfan0606 and luhring
Hashicorp Nomad Information Exposure Through Environmental Variables Moderate
CVE-2019-14802 was published for github.com/hashicorp/nomad (Go) Feb 15, 2022
tdunlap607
Credited to tdunlap607
Exposure of Sensitive Information to an Unauthorized Actor in Apache Guacamole Moderate Unreviewed
CVE-2021-41767 was published Feb 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database