Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

9,972 advisories

Loading
SAP NetWeaver ABAP Server and ABAP Platform (Process Integration - Integration Builder Framework)... Moderate Unreviewed
CVE-2021-27599 was published May 24, 2022
Improper Input Validation in Undertow High
CVE-2020-1757 was published for io.undertow:undertow-core (Maven) May 24, 2022
yawkat
Credited to yawkat
Windows GDI+ Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-28318 was published May 24, 2022
Windows SMB Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-28324. Moderate Unreviewed
CVE-2021-28325 was published May 24, 2022
Windows Kernel Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-28309. Moderate Unreviewed
CVE-2021-27093 was published May 24, 2022
An information disclosure issue in GitLab starting from version 12.8 allowed a user with access... Moderate Unreviewed
CVE-2021-22184 was published May 24, 2022
MagicMotion Flamingo 2 has a lack of access control for reading from device descriptors. Moderate Unreviewed
CVE-2020-12729 was published May 24, 2022
An exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module... Critical Unreviewed
CVE-2019-5016 was published May 24, 2022
White Shark System (WSS) 1.3.2 has web site physical path leakage vulnerability. Moderate Unreviewed
CVE-2020-20470 was published May 24, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins Critical
CVE-2017-1000362 was published for org.jenkins-ci.main:jenkins-core (Maven) May 17, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Direct Web Remoting Moderate
CVE-2014-5325 was published for org.directwebremoting:dwr (Maven) May 17, 2022
Windows Kernel Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-27093. Moderate Unreviewed
CVE-2021-28309 was published May 24, 2022
IBM Control Center 6.2.0.0 could allow a user to obtain sensitive version information that could... Moderate Unreviewed
CVE-2021-20529 was published May 24, 2022
IBM Planning Analytics Local 2.0 could allow an attacker to obtain sensitive information due to... High Unreviewed
CVE-2020-4985 was published May 24, 2022
An information disclosure vulnerability was discovered in alipay_function.php in the log file of... High Unreviewed
CVE-2020-23768 was published May 24, 2022
Windows Media Photo Codec Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-26884 was published May 24, 2022
BTCPay Server through 1.0.7.0 could allow a remote attacker to obtain sensitive information,... Moderate Unreviewed
CVE-2021-29248 was published May 24, 2022
Microsoft Edge for Android Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-24100 was published May 24, 2022
Microsoft SharePoint Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-31171 was published May 24, 2022
Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-31184 was published May 24, 2022
Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to... Moderate Unreviewed
CVE-2021-21219 was published May 24, 2022
IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information by... Moderate Unreviewed
CVE-2020-4562 was published May 24, 2022
An information disclosure issue exists in henriquedornas 5.2.17 because an attacker can dump... High Unreviewed
CVE-2021-26939 was published May 24, 2022
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and... Moderate Unreviewed
CVE-2021-25235 was published May 24, 2022
An issue was identified in GitLab EE 13.4 or later which leaked internal IP address via error... Moderate Unreviewed
CVE-2021-22169 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database