Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

847 advisories

Loading
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-284... High Unreviewed
CVE-2022-2792 was published Aug 20, 2022
Browse restriction bypass vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.5 allows a... Moderate Unreviewed
CVE-2022-25986 was published Aug 19, 2022
Ampere Altra before SRP 1.08b and Altra Max? before SRP 2.05 allow information disclosure of... High Unreviewed
CVE-2021-45454 was published Aug 18, 2022
There is an improper access control vulnerability in Portal for ArcGIS versions 10.8.1 and below... High Unreviewed
CVE-2022-38184 was published Aug 17, 2022
In Splunk Enterprise versions in the following table, an authenticated user can craft a dashboard... Low Unreviewed
CVE-2022-37438 was published Aug 17, 2022
In Content, there is a possible way to learn gmail account name on the device due to a... Moderate Unreviewed
CVE-2022-20270 was published Aug 13, 2022
Insufficient policy enforcement in Background Fetch in Google Chrome prior to 104.0.5112.79... Moderate Unreviewed
CVE-2022-2610 was published Aug 13, 2022
In USB Manager, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2021-0975 was published Aug 12, 2022
In Settings, there is a possible way to determine whether an app is installed without query... Moderate Unreviewed
CVE-2021-0734 was published Aug 12, 2022
VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged... High Unreviewed
CVE-2022-31673 was published Aug 11, 2022
PendingIntent hijacking vulnerability in releaseAlarm in Charm by Samsung prior to version 1.2.3... Moderate Unreviewed
CVE-2022-36829 was published Aug 6, 2022
PendingIntent hijacking vulnerability in cancelAlarmManager in Charm by Samsung prior to version... Moderate Unreviewed
CVE-2022-36830 was published Aug 6, 2022
IBM UrbanCode Deploy (UCD) 6.2.0.0 through 6.2.7.16, 7.0.0.0 through 7.0.5.11, 7.1.0.0 through 7... Moderate Unreviewed
CVE-2022-35716 was published Aug 2, 2022
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user to access... Moderate Unreviewed
CVE-2022-22334 was published Aug 2, 2022
The YaySMTP WordPress plugin before 2.2.1 does not have capability check before displaying the... Moderate Unreviewed
CVE-2022-2370 was published Aug 2, 2022
Insufficient validation of untrusted input in File in Google Chrome on Android prior to 103.0... Moderate Unreviewed
CVE-2022-2479 was published Jul 29, 2022
Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53... Moderate Unreviewed
CVE-2022-2160 was published Jul 29, 2022
Inappropriate implementation in PDF in Google Chrome prior to 102.0.5005.61 allowed a remote... Moderate Unreviewed
CVE-2022-1875 was published Jul 28, 2022
Insufficient policy enforcement in COOP in Google Chrome prior to 102.0.5005.61 allowed a remote... Moderate Unreviewed
CVE-2022-1873 was published Jul 28, 2022
Inappropriate implementation in HTML Parser in Google Chrome prior to 101.0.4951.41 allowed a... Moderate Unreviewed
CVE-2022-1498 was published Jul 27, 2022
Inappropriate implementation in Extensions API in Google Chrome prior to 101.0.4951.41 allowed an... Moderate Unreviewed
CVE-2022-1488 was published Jul 27, 2022
Inappropriate implementation in Web Contents in Google Chrome prior to 101.0.4951.64 allowed a... Moderate Unreviewed
CVE-2022-1637 was published Jul 27, 2022
Inappropriate implementation in iframe in Google Chrome prior to 101.0.4951.41 allowed a remote... Moderate Unreviewed
CVE-2022-1501 was published Jul 27, 2022
IBM Security Verify Information Queue 10.0.2 could allow a user to obtain sensitive information... Moderate Unreviewed
CVE-2022-35288 was published Jul 26, 2022
Inappropriate implementation in Extensions in Google Chrome prior to 100.0.4896.60 allowed an... Moderate Unreviewed
CVE-2022-1137 was published Jul 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database