GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,600
Composer 5,005
Erlang 39
GitHub Actions 38
Go 2,635
Maven 6,103
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,386

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

9,964 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Visual Form Builder WordPress plugin before 3.0.6 does not perform access control on entry... Moderate Unreviewed

CVE-2022-0140 was published Apr 13, 2022

Under certain conditions, SAP BusinessObjects Business Intelligence platform, Client Management... High Unreviewed

CVE-2022-27667 was published Apr 13, 2022

Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal ... Moderate Unreviewed

CVE-2021-28544 was published Apr 13, 2022

Information Exposure in Kubernetes Moderate

CVE-2015-7528 was published for github.com/kubernetes/kubernetes (Go) Apr 12, 2022

Information exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to... Moderate Unreviewed

CVE-2022-27575 was published Apr 12, 2022

Unauthenticated user can list hidden document from multiple velocity templates in XWiki Moderate

CVE-2022-24820 was published for org.xwiki.platform:xwiki-platform-web (Maven) Apr 8, 2022

Apperta Foundation OpenEyes 3.5.1 allows remote attackers to view the sensitive information of... Moderate Unreviewed

CVE-2021-40375 was published Apr 7, 2022

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in... Moderate Unreviewed

CVE-2021-43205 was published Apr 7, 2022

FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows unauthenticated attackers to access and download... High Unreviewed

CVE-2022-26591 was published Apr 7, 2022

Zoho ManageEngine ServiceDesk Plus before 13001 allows anyone to know the organisation's default... Moderate Unreviewed

CVE-2022-25245 was published Apr 6, 2022

The Booking Package WordPress plugin before 1.5.29 requires a token for exporting the ical... High Unreviewed

CVE-2022-0709 was published Apr 5, 2022

The JobMonster Theme was vulnerable to Directory Listing in the /wp-content/uploads/jobmonster/... Moderate Unreviewed

CVE-2022-1166 was published Apr 5, 2022

It was observed that while login into Business-central console, HTTP request discloses sensitive... High Unreviewed

CVE-2019-14839 was published Apr 3, 2022

Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A... Moderate Unreviewed

CVE-2022-23158 was published Apr 2, 2022

Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A... Moderate Unreviewed

CVE-2022-23157 was published Apr 2, 2022

An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to... Moderate Unreviewed

CVE-2022-0331 was published Mar 30, 2022

A vulnerability was found in TEM FLEX-1080 and FLEX-1085 1.6.0. It has been declared as... High Unreviewed

CVE-2022-1077 was published Mar 30, 2022

Discoverability of user password hash in Statamic CMS Low

CVE-2022-24784 was published for statamic/cms (Composer) Mar 29, 2022

Twig Sandbox Information Disclosure Low

CVE-2019-9942 was published for twig/twig (Composer) Mar 26, 2022

A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi... Moderate Unreviewed

CVE-2022-0494 was published Mar 26, 2022

The Reporting module in Aseco Lietuva document management system DVS Avilys before 2022-03-10... High Unreviewed

CVE-2022-27192 was published Mar 25, 2022

MotionEye allows attackers to access sensitive information High

CVE-2022-25568 was published for motioneye (pip) Mar 25, 2022

Bluedon Information Security Technologies Co.,Ltd Internet Access Detector v1.0 was discovered to... High Unreviewed

CVE-2022-25571 was published Mar 25, 2022

Improper access control allows admin privilege escalation in Argo CD Critical

CVE-2022-24768 was published for github.com/argoproj/argo-cd (Go) Mar 24, 2022

GE UR firmware versions prior to version 8.1x web server interface is supported on UR over HTTP... High Unreviewed

CVE-2021-27422 was published Mar 24, 2022

Previous 1…384…399 Next

Previous 1 2 … 382 383 384 385 386 … 398 399 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

9,964 advisories