Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

6,768 advisories

Loading
IBM Security Guardium Insights 3.0 could allow an authenticated user to obtain sensitive... Moderate Unreviewed
CVE-2021-29846 was published Jan 27, 2022
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 has the option for... Moderate Unreviewed
CVE-2021-23195 was published Jan 22, 2022
Exposure of Sensitive Information to an Unauthorized Actor in nanoid Moderate
CVE-2021-23566 was published for nanoid (npm) Jan 21, 2022
baptistecs
Credited to baptistecs
Comment reply notifications sent to incorrect users Moderate
CVE-2022-21683 was published for wagtail (pip) Jan 21, 2022
dest81
Credited to dest81
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache ShardingSphere... Moderate Unreviewed
CVE-2022-22733 was published Jan 21, 2022
Mattermost Boards plugin v0.10.0 and earlier fails to protect email addresses of all users via... Moderate Unreviewed
CVE-2021-37867 was published Jan 19, 2022
An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3... Moderate Unreviewed
CVE-2022-0093 was published Jan 19, 2022
Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier)... Moderate Unreviewed
CVE-2021-44702 was published Jan 15, 2022
Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier)... Moderate Unreviewed
CVE-2021-44739 was published Jan 15, 2022
A file information exposure vulnerability exists in the Palo Alto Networks Cortex XDR agent that... Moderate Unreviewed
CVE-2022-0013 was published Jan 13, 2022
Potential exposure of tokens to an Unauthorized Actor Moderate
CVE-2022-21671 was published for @replit/crosis (npm) Jan 12, 2022
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclose sensitive version information... Moderate Unreviewed
CVE-2021-38956 was published Jan 11, 2022
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37... Moderate Unreviewed
CVE-2021-46148 was published Jan 11, 2022
Zoho ManageEngine Desktop Central before 10.0.662 allows authenticated users to obtain sensitive... Moderate Unreviewed
CVE-2021-46166 was published Jan 11, 2022
Abitrary file access vulnerability in Samsung Email prior to 6.1.60.16 allows attacker to read... Moderate Unreviewed
CVE-2022-22287 was published Jan 11, 2022
PartKeepr versions up to v1.4.0, loads attachments using a URL while creating a part and allows... Moderate Unreviewed
CVE-2022-22701 was published Jan 11, 2022
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated... Moderate Unreviewed
CVE-2021-43949 was published Jan 11, 2022
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated... Moderate Unreviewed
CVE-2021-43951 was published Jan 11, 2022
Exposure of Sensitive Information to an Unauthorized Actor and Origin Validation Error in podman Moderate
CVE-2021-4024 was published for github.com/containers/podman/v3 (Go) Jan 6, 2022
Apache NiFi Insertion of Sensitive Information into Log File Moderate
CVE-2020-1928 was published for org.apache.nifi:nifi-parameter (Maven) Jan 6, 2022
A exposure of sensitive information to an unauthorized actor in Fortinet FortiMail versions 6.0.9... Moderate Unreviewed
CVE-2020-15933 was published Jan 6, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Apache NiFi Moderate
CVE-2021-44145 was published for org.apache.nifi:nifi (Maven) Jan 5, 2022
Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub... Moderate Unreviewed
CVE-2021-20869 was published Jan 5, 2022
Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub... Moderate Unreviewed
CVE-2021-20871 was published Jan 5, 2022
ManageEngine ADSelfService Plus below build 6116 stores the password policy file for each domain... Moderate Unreviewed
CVE-2021-20148 was published Jan 4, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database