Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,640
Maven
5,000+
npm
4,265
NuGet
760
pip
4,061
Pub
12
RubyGems
956
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

9,972 advisories

Loading
Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-27067 was published May 24, 2022
An issue was identified in GitLab EE 13.4 or later which leaked internal IP address via error... Moderate Unreviewed
CVE-2021-22169 was published May 24, 2022
Windows SMB Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-28325. High Unreviewed
CVE-2021-28324 was published May 24, 2022
Windows Overlay Filter Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-26417 was published May 24, 2022
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan... Moderate Unreviewed
CVE-2021-25234 was published May 24, 2022
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote... Moderate Unreviewed
CVE-2021-21137 was published May 24, 2022
Encoded URIs can access WEB-INF directory in Eclipse Jetty Moderate
CVE-2021-34429 was published for org.eclipse.jetty:jetty-webapp (Maven) Jul 19, 2021
cangqingzhe lachlan-roberts
Credited to cangqingzhe and lachlan-roberts
In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1... Moderate Unreviewed
CVE-2020-25579 was published May 24, 2022
Netsia SEBA+ through 0.16.1 build 70-e669dcd7 allows remote attackers to discover session cookies... High Unreviewed
CVE-2021-3113 was published May 24, 2022
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBW30... High Unreviewed
CVE-2021-29082 was published May 24, 2022
Windows Remote Procedure Call Information Disclosure Vulnerability High Unreviewed
CVE-2021-1734 was published May 24, 2022
Microsoft SharePoint Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-24071 was published May 24, 2022
Microsoft Windows VMSwitch Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-24076 was published May 24, 2022
Microsoft Dataverse Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-24101 was published May 24, 2022
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to view sensitive... Moderate Unreviewed
CVE-2021-20067 was published May 24, 2022
IBM WebSphere Commerce Enterprise 7.0 before 7.0.0.2 allows remote attackers to read messages... Moderate Unreviewed
CVE-2010-2639 was published May 17, 2022
Tailscale daemon is vulnerable to information disclosure via CSRF Low
CVE-2022-41925 was published for tailscale.com/cmd (Go) Nov 21, 2022
emilytrau JJJollyjim
Credited to emilytrau and JJJollyjim
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan... Moderate Unreviewed
CVE-2021-25231 was published May 24, 2022
Improper Access Control vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.10.0... Low Unreviewed
CVE-2020-7262 was published May 24, 2022
An improper access control vulnerability in Trend Micro Apex One (on-prem) could allow an... Moderate Unreviewed
CVE-2021-25237 was published May 24, 2022
Exposure of Sensitive Information in System.Net.Http High
CVE-2019-0545 was published for Microsoft.NETCore.App (NuGet) May 14, 2022
Duplicate advisory: Configuration exposure in github.com/coreos/ignition Moderate
GHSA-mjqc-5c9x-xfcc was published for github.com/coreos/ignition/v2 (Go) May 18, 2022 withdrawn
In the Password Reset Module in VESTA Control Panel through 0.9.8-25 and Hestia Control Panel... Moderate Unreviewed
CVE-2020-10966 was published May 24, 2022
AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted... Moderate Unreviewed
CVE-2020-12966 was published Feb 10, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch Moderate
CVE-2019-7619 was published for org.elasticsearch:elasticsearch (Maven) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database