GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
12,426 advisories
Exposure of Sensitive Information in Find My Mobile prior to version 7.2.25.14 allows local...
Low | Unreviewed | CVE-2022-36878 was published Sep 10, 2022

Exposure of Sensitive Information in FaqSymptomCardViewModel in Samsung Members prior to versions...
Low | Unreviewed | CVE-2022-36877 was published Sep 10, 2022

Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac...
Low | Unreviewed | CVE-2020-7306 was published May 24, 2022

Vulnerability in the Oracle Hospitality Cruise Materials Management product of Oracle Hospitality...
Low | Unreviewed | CVE-2020-2599 was published May 24, 2022

Improper Access Control vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.10.0...
Low | Unreviewed | CVE-2020-7262 was published May 24, 2022

Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local...
Low | Unreviewed | CVE-2020-7282 was published May 24, 2022

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions...
Low | Unreviewed | CVE-2020-14550 was published May 24, 2022

Tailscale daemon is vulnerable to information disclosure via CSRF
Low | CVE-2022-41925 was published for tailscale.com/cmd (Go) Nov 21, 2022

Cross-site scripting (XSS) vulnerability in Sijio Community Software allows remote authenticated...
Low | Unreviewed | CVE-2010-2697 was published May 17, 2022

A flaw was found in the virtio-fs shared file system daemon (virtiofsd) of QEMU. The new ...
Low | Unreviewed | CVE-2021-20263 was published May 24, 2022

An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows...
Low | Unreviewed | CVE-2021-25515 was published Dec 9, 2021

Multiple cross-site scripting (XSS) vulnerabilities in Sijio Community Software allow remote...
Low | Unreviewed | CVE-2010-2698 was published May 17, 2022

Improper Authentication in Apache Hadoop
Low | CVE-2013-2192 was published for org.apache.hadoop:hadoop-common (Maven) May 17, 2022

A persistent cross-site scripting (XSS) vulnerability in Octopus Server 3.4.0 through 2019.10.5...
Low | Unreviewed | CVE-2019-19085 was published May 24, 2022

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion...
Low | Unreviewed | CVE-2020-2531 was published May 24, 2022

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The...
Low | Unreviewed | CVE-2020-2680 was published May 24, 2022

Vulnerability in the Hyperion Financial Close Management product of Oracle Hyperion (component:...
Low | Unreviewed | CVE-2020-2563 was published May 24, 2022

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Consolidation...
Low | Unreviewed | CVE-2020-2565 was published May 24, 2022

Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications ...
Low | Unreviewed | CVE-2020-2677 was published May 24, 2022

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported...
Low | Unreviewed | CVE-2020-2933 was published May 24, 2022

ZTE's SDON controller is impacted by the resource management error vulnerability. When RPC is...
Low | Unreviewed | CVE-2020-6867 was published May 24, 2022

Multiple cross-site scripting (XSS) vulnerabilities in the Rotor Banner module 5.x before 5.x-1.8...
Low | Unreviewed | CVE-2010-2125 was published May 17, 2022

FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch does not properly handle invalid X...
Low | Unreviewed | CVE-2010-1810 was published May 17, 2022

Multiple cross-site scripting (XSS) vulnerabilities in the Storm module 5.x and 6.x before 6.x-1...
Low | Unreviewed | CVE-2010-2123 was published May 17, 2022

Vulnerability in the Oracle Applications DBA component of Oracle Database Server. Supported...
Low | Unreviewed | CVE-2020-2568 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API