Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,428 advisories

Loading
iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated... Low Unreviewed
CVE-2021-34688 was published May 24, 2022
Cross-site scripting (XSS) vulnerability in the Taxonomy Breadcrumb module 6.x before 6.x-1.1 for... Low Unreviewed
CVE-2010-1976 was published May 17, 2022
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the... Low Unreviewed
CVE-2020-8648 was published May 24, 2022
McAfee SafeBoot Device Encryption 4 build 4750 and earlier stores pre-boot authentication... Low Unreviewed
CVE-2008-7020 was published May 17, 2022
ZoneMinder 1.23.3 on Gentoo Linux uses 0644 permissions for /etc/zm.conf, which allows local... Low Unreviewed
CVE-2008-6756 was published May 17, 2022
Description: A person with physical access may be able to access contacts. This issue is fixed in... Low Unreviewed
CVE-2021-1862 was published May 24, 2022
A flaw was found in Ansible Tower when running jobs. This flaw allows an attacker to access the... Low Unreviewed
CVE-2020-10698 was published May 24, 2022
Certain Arm products before 2021-08-23 do not properly consider the effect of exceptions on a... Low Unreviewed
CVE-2021-35465 was published May 24, 2022
A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw... Low Unreviewed
CVE-2021-20239 was published May 24, 2022
Path Traversal in XWiki Platform Low
CVE-2022-29253 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Jun 1, 2022
A lock screen issue allowed access to contacts on a locked device. This issue was addressed with... Low Unreviewed
CVE-2021-30815 was published May 24, 2022
"HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the... Low Unreviewed
CVE-2020-14263 was published May 24, 2022
vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x before 2.20.11, when GDM debug... Low Unreviewed
CVE-2010-2387 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Drupal Content Construction Kit (CCK) 5.x... Low Unreviewed
CVE-2008-6972 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Taxonomy Breadcrumb module 5.x before 5.x-1.5 and... Low Unreviewed
CVE-2010-1984 was published May 17, 2022
Citrix Presentation Server Client for Windows before 10.200 does not clear "credential... Low Unreviewed
CVE-2008-6561 was published May 17, 2022
Failed payment recorded has completed in Silverstripe Omnipay Low
CVE-2022-29254 was published for silverstripe/silverstripe-omnipay (Composer) Jun 6, 2022
IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to... Low Unreviewed
CVE-2022-22426 was published Jun 11, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5.7 and earlier allow remote... Low Unreviewed
CVE-2008-6299 was published May 17, 2022
Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of... Low Unreviewed
CVE-2020-2649 was published May 24, 2022
This vulnerability allows network-adjacent attackers to disclose sensitive information on... Low Unreviewed
CVE-2020-10930 was published May 24, 2022
A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted... Low Unreviewed
CVE-2020-16150 was published May 24, 2022
In f2fs_xattr_generic_list of xattr.c, there is a possible out of bounds read due to a missing... Low Unreviewed
CVE-2020-0067 was published May 24, 2022
Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically... Low Unreviewed
CVE-2021-25409 was published May 24, 2022
The auto-complete functionality in the Chaos Tool Suite (aka CTools) module 6.x before 6.x-1.4... Low Unreviewed
CVE-2010-1548 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database