GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
9,963 advisories
IBM Security Guardium Insights 3.0 could allow a remote attacker to obtain sensitive information,...
Moderate
Unreviewed
CVE-2021-29838 was published Jan 27, 2022
IBM Security Guardium Insights 3.0 could allow an authenticated user to obtain sensitive...
Moderate
Unreviewed
CVE-2021-29846 was published Jan 27, 2022
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 has the option for...
Moderate
Unreviewed
CVE-2021-23195 was published Jan 22, 2022
Exposure of Sensitive Information to an Unauthorized Actor in nanoid
Moderate
CVE-2021-23566 was published for nanoid (npm) Jan 21, 2022
node-fetch forwards secure headers to untrusted sites
High
CVE-2022-0235 was published for node-fetch (npm) Jan 21, 2022
Comment reply notifications sent to incorrect users
Moderate
CVE-2022-21683 was published for wagtail (pip) Jan 21, 2022
Exposure of Sensitive Information to an Unauthorized Actor in microweber
High
CVE-2022-0281 was published for microweber/microweber (Composer) Jan 21, 2022
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache ShardingSphere...
Moderate
Unreviewed
CVE-2022-22733 was published Jan 21, 2022
Mattermost Boards plugin v0.10.0 and earlier fails to protect email addresses of all users via...
Moderate
Unreviewed
CVE-2021-37867 was published Jan 19, 2022
An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3...
Moderate
Unreviewed
CVE-2022-0093 was published Jan 19, 2022
Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier)...
Moderate
Unreviewed
CVE-2021-44702 was published Jan 15, 2022
Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier)...
Moderate
Unreviewed
CVE-2021-44739 was published Jan 15, 2022
A file information exposure vulnerability exists in the Palo Alto Networks Cortex XDR agent that...
Moderate
Unreviewed
CVE-2022-0013 was published Jan 13, 2022
Potential exposure of tokens to an Unauthorized Actor
Moderate
CVE-2022-21671 was published for @replit/crosis (npm) Jan 12, 2022
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclose sensitive version information...
Moderate
Unreviewed
CVE-2021-38956 was published Jan 11, 2022
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37...
Moderate
Unreviewed
CVE-2021-46148 was published Jan 11, 2022
Zoho ManageEngine Desktop Central before 10.0.662 allows authenticated users to obtain sensitive...
Moderate
Unreviewed
CVE-2021-46166 was published Jan 11, 2022
Arbitrary file access vulnerability in Samsung Email prior to 6.1.60.16 allows attacker to read...
Moderate
Unreviewed
CVE-2022-22287 was published Jan 11, 2022
PartKeepr versions up to v1.4.0, loads attachments using a URL while creating a part and allows...
Moderate
Unreviewed
CVE-2022-22701 was published Jan 11, 2022
The Plus Addons for Elementor - Pro WordPress plugin before 5.0.7 does not validate the qvquery...
High
Unreviewed
CVE-2021-24948 was published Jan 11, 2022
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated...
Moderate
Unreviewed
CVE-2021-43949 was published Jan 11, 2022
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated...
Moderate
Unreviewed
CVE-2021-43951 was published Jan 11, 2022
hoppscotch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
High
Unreviewed
CVE-2022-0121 was published Jan 7, 2022
Exposure of Sensitive Information to an Unauthorized Actor and Origin Validation Error in podman
Moderate
CVE-2021-4024 was published for github.com/containers/podman/v3 (Go) Jan 6, 2022
Insertion of Sensitive Information into Log File in Apache NiFi
High
CVE-2020-1942 was published for org.apache.nifi:nifi-framework-core (Maven) Jan 6, 2022