GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
9,971 advisories
BigBlueButton before 2.2.5 allows remote attackers to obtain sensitive files via Local File...
High | Unreviewed | CVE-2020-12112 was published May 24, 2022

Exposure of Sensitive Information in Find My Mobile prior to version 7.2.25.14 allows local...
Low | Unreviewed | CVE-2022-36878 was published Sep 10, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Moderate | CVE-2017-1000399 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Notification...
Moderate | Unreviewed | CVE-2020-11607 was published May 24, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
Low | CVE-2013-2071 was published for org.apache.tomcat:tomcat (Maven) May 17, 2022

In netdiag, there is a possible information disclosure due to a missing permission check. This...
Moderate | Unreviewed | CVE-2021-0403 was published May 24, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Apache Directory LDAP API
High | CVE-2015-3250 was published for org.apache.directory.api:api-ldap-model (Maven) May 17, 2022

Zoho ManageEngine OpManager before 125120 allows an unauthenticated user to retrieve an API key...
Moderate | Unreviewed | CVE-2020-11946 was published May 24, 2022

CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote...
Moderate | Unreviewed | CVE-2020-11662 was published May 24, 2022

PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain...
Moderate | Unreviewed | CVE-2020-11547 was published May 24, 2022

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan...
Moderate | Unreviewed | CVE-2021-25240 was published May 24, 2022

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan...
Moderate | Unreviewed | CVE-2021-25242 was published May 24, 2022

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan...
Moderate | Unreviewed | CVE-2021-25243 was published May 24, 2022

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan...
Moderate | Unreviewed | CVE-2021-25233 was published May 24, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Low | CVE-2017-2603 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Moderate | CVE-2017-2600 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and...
Moderate | Unreviewed | CVE-2021-25232 was published May 24, 2022

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and...
Moderate | Unreviewed | CVE-2021-25230 was published May 24, 2022

In enforceDumpPermissionForPackage of ActivityManagerService.java, there is a possible way to...
Moderate | Unreviewed | CVE-2021-0321 was published May 24, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Moderate | CVE-2017-2606 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Spring Security
Moderate | CVE-2012-5055 was published for org.springframework.security:spring-security-core (Maven) May 17, 2022

Exposure of Sensitive Information to an Unauthorized Actor in OpenSAML
Moderate | CVE-2013-6440 was published for org.opensaml:opensaml (Maven) May 13, 2022

An exploitable local information leak vulnerability exists in the privileged helper tool of GOG...
Moderate | Unreviewed | CVE-2018-4052 was published May 13, 2022

An information disclosure vulnerability exists in the Multi-Camera interface used by the Foscam...
High | Unreviewed | CVE-2017-2874 was published May 13, 2022

Exposure of Sensitive Information vulnerability in Game Launcher prior to version 6.0.07 allows...
Moderate | Unreviewed | CVE-2022-36834 was published Aug 6, 2022

ProTip! Advisories are also available from the GraphQL API.