Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

6,768 advisories

Loading
Certain NETGEAR devices are affected by disclosure of sensitive information. A UPnP request... Moderate Unreviewed
CVE-2021-45603 was published Dec 27, 2021
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6400v2... Moderate Unreviewed
CVE-2021-45649 was published Dec 27, 2021
IBM Cloud Pak for Security (CP4S) 1.7.2.0, 1.7.1.0, and 1.7.0.0 could allow an authenticated user... Moderate Unreviewed
CVE-2021-39013 was published Dec 23, 2021
Dell Wyse Device Agent version 14.5.4.1 and below contain a sensitive data exposure vulnerability... Moderate Unreviewed
CVE-2021-36341 was published Dec 22, 2021
Information Exposure in RunC Moderate
CVE-2016-9962 was published for github.com/opencontainers/runc (Go) Dec 20, 2021
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37... Moderate Unreviewed
CVE-2021-45038 was published Dec 18, 2021
In geniezone driver, there is a possible out of bounds read due to an incorrect bounds check.... Moderate Unreviewed
CVE-2021-0676 was published Dec 18, 2021
pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak. Moderate Unreviewed
CVE-2021-45095 was published Dec 17, 2021
In onCreate of RequestIgnoreBatteryOptimizations.java, there is a possible way to determine... Moderate Unreviewed
CVE-2021-1023 was published Dec 16, 2021
The Onion module in toxcore before 0.2.2 doesn't restrict which packets can be onion-routed,... Moderate Unreviewed
CVE-2018-25022 was published Dec 14, 2021
An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4,... Moderate Unreviewed
CVE-2021-39941 was published Dec 14, 2021
IBM Spectrum Protect Operations Center 7.1, under special configurations, could allow a local... Moderate Unreviewed
CVE-2021-38901 was published Dec 14, 2021
A exposure of sensitive information to an unauthorized actor in Fortinet FortiAuthenticator... Moderate Unreviewed
CVE-2021-43067 was published Dec 9, 2021
Instance config inline secret exposure in Grafana Moderate
CVE-2021-41090 was published for github.com/grafana/agent (Go) Dec 8, 2021
Mahavitaran android application 7.50 and prior transmit sensitive information in URL parameters.... Moderate Unreviewed
CVE-2020-27414 was published Dec 3, 2021
IBM MQ Appliance could allow a local attacker to obtain sensitive information by inclusion of... Moderate Unreviewed
CVE-2021-38999 was published Dec 1, 2021
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local attacker to obtain sensitive information... Moderate Unreviewed
CVE-2021-39000 was published Dec 1, 2021
There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and... Moderate Unreviewed
CVE-2021-37036 was published Nov 24, 2021
Password exposure in concrete5/core Moderate
CVE-2021-22951 was published for concrete5/core (Composer) Nov 23, 2021
Exposure of sensitive information in concrete5/core Moderate
CVE-2021-22967 was published for concrete5/core (Composer) Nov 23, 2021
Rapid7 Nexpose versions prior to 6.6.114 suffer from an information exposure issue whereby, when... Moderate Unreviewed
CVE-2019-5640 was published Nov 23, 2021
Philips MRI 1.5T and MRI 3T Version 5.x.x exposes sensitive information to an actor not... Moderate Unreviewed
CVE-2021-42744 was published Nov 20, 2021
Information disclosure vulnerability in OnionShare Moderate
CVE-2021-41867 was published for onionshare-cli (pip) Nov 19, 2021
Rails Multisite secure/signed cookies share secrets between sites in a multi-site application Moderate
CVE-2021-41263 was published for rails_multisite (RubyGems) Nov 15, 2021
Unauthorized access to data in @sap-cloud-sdk/core Moderate
CVE-2021-41251 was published for @sap-cloud-sdk/core (npm) Nov 10, 2021
johenning
Credited to johenning
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database