GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
8,842 advisories
VisNetic WebSite 3.5 allows remote attackers to obtain the full pathname of the server via a...
Moderate | Unreviewed | CVE-2003-0456 was published Apr 29, 2022

Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes,...
Moderate | Unreviewed | CVE-2003-0001 was published Apr 29, 2022

In Bender/ebee Charge Controllers in multiple versions are prone to an RFID leak. The RFID of the...
High | Unreviewed | CVE-2021-34589 was published Apr 28, 2022

IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive...
Moderate | Unreviewed | CVE-2021-29776 was published Apr 28, 2022

IBM QRadar SIEM 7.3, 7.4, and 7.5 in some scenarios may reveal authorized service tokens to other...
High | Unreviewed | CVE-2021-38919 was published Apr 28, 2022

A vulnerability in SonicOS SNMP service resulting exposure of Wireless Access Point sensitive...
Moderate | Unreviewed | CVE-2022-22277 was published Apr 28, 2022

A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an...
Moderate | Unreviewed | CVE-2022-22276 was published Apr 28, 2022

The myCred WordPress plugin before 2.4.3.1 does not have any authorisation in place in its mycred...
Moderate | Unreviewed | CVE-2022-0287 was published Apr 26, 2022

BlackBerry PlayBook before 2.1 has an Information Disclosure Vulnerability via a Web browser...
Moderate | Unreviewed | CVE-2012-5828 was published Apr 23, 2022

The Simplenews module 6.x-1.x before 6.x-1.4, 6.x-2.x before 6.x-2.0-alpha4, and 7.x-1.x before 7...
Moderate | Unreviewed | CVE-2012-2724 was published Apr 23, 2022

Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum...
Moderate | Unreviewed | CVE-2012-5476 was published Apr 23, 2022

An information disclosure flaw was found in the way the Java Virtual Machine (JVM) implementation...
High | Unreviewed | CVE-2012-4420 was published Apr 23, 2022

An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in...
Moderate | Unreviewed | CVE-2012-1105 was published Apr 23, 2022

gnome-system-log polkit policy allows arbitrary files on the system to be read
High | Unreviewed | CVE-2012-5535 was published Apr 23, 2022

W3 Total Cache before 0.9.2.5 generates hash keys insecurely which allows remote attackers to...
Moderate | Unreviewed | CVE-2012-6078 was published Apr 23, 2022

W3 Total Cache before 0.9.2.5 exposes sensitive cached database information which allows remote...
Moderate | Unreviewed | CVE-2012-6079 was published Apr 23, 2022

W3 Total Cache before 0.9.2.5 allows remote attackers to retrieve password hash information due...
Moderate | Unreviewed | CVE-2012-6077 was published Apr 23, 2022

mediawiki allows deleted text to be exposed
High | Unreviewed | CVE-2012-0046 was published Apr 23, 2022

mIRC prior to 7.22 has a message leak because chopping of outbound messages is mishandled.
Moderate | Unreviewed | CVE-2011-5282 was published Apr 22, 2022

lilo-uuid-diskid causes lilo.conf to be world-readable in lilo 23.1.
Moderate | Unreviewed | CVE-2011-1934 was published Apr 22, 2022

Joomla! Core is prone to an information disclosure vulnerability. Attackers can exploit this...
High | Unreviewed | CVE-2010-1432 was published Apr 21, 2022

IcedTea6 before 1.7.4 allow unsigned apps to read and write arbitrary files, related to Extended...
Critical | Unreviewed | CVE-2010-2783 was published Apr 21, 2022

The WordPress plugin Be POPIA Compliant exposed sensitive information to unauthenticated users...
Moderate | Unreviewed | CVE-2022-1186 was published Apr 20, 2022

Sensitive Information Exposure in E4J s.r.l. VikBooking Hotel Booking Engine & PMS plugin <= 1.5...
Moderate | Unreviewed | CVE-2022-27863 was published Apr 20, 2022

Sensitive Information Disclosure (sac-export.csv) in Simple Ajax Chat (WordPress plugin) <= 20220115
High | Unreviewed | CVE-2022-27849 was published Apr 16, 2022
ProTip! Advisories are also available from the GraphQL API.