Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,428 advisories

Loading
In queryInternal of CallLogProvider.java, there is a possible permission bypass due to improper... Low Unreviewed
CVE-2020-0368 was published May 24, 2022
An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an... Low Unreviewed
CVE-2021-3049 was published May 24, 2022
NCH Reflect CRM 3.01 allows local users to discover cleartext user account information by reading... Low Unreviewed
CVE-2021-37468 was published May 24, 2022
Cleartext Storage of Sensitive Information in Memory vulnerability in Microsoft Windows client in... Low Unreviewed
CVE-2020-7299 was published May 24, 2022
internal/telephony/SMSDispatcher.java in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x... Low Unreviewed
CVE-2016-3888 was published May 17, 2022
Sensitive information exposure in low-battery dumpstate log prior to SMR Jun-2022 Release 1... Low Unreviewed
CVE-2022-28794 was published Jun 8, 2022
Sensitive information exposure vulnerability in FmmExtraOperation of Find My Mobile prior to 7.2... Low Unreviewed
CVE-2022-30742 was published Jun 8, 2022
Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0)... Low Unreviewed
CVE-2021-25403 was published May 24, 2022
Cross-site scripting (XSS) vulnerability in the administrative interface in Drupal Content... Low Unreviewed
CVE-2008-6229 was published May 17, 2022
Azure RTOS Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-26444, CVE... Low Unreviewed
CVE-2021-42323 was published May 24, 2022
An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0,... Low Unreviewed
CVE-2021-32600 was published May 24, 2022
The issue was addressed with improved permissions logic. This issue is fixed in iOS 15 and iPadOS... Low Unreviewed
CVE-2021-30816 was published May 24, 2022
Information exposure vulnerability in SemIWCMonitor prior to SMR Jun-2022 Release 1 allows local... Low Unreviewed
CVE-2022-30714 was published Jun 8, 2022
Apple iOS before 10, when Handoff for Messages is used, does not ensure that a Messages signin... Low Unreviewed
CVE-2016-4740 was published May 17, 2022
Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users... Low Unreviewed
CVE-2016-4749 was published May 17, 2022
Duplicate of GHSA-4xh4-v2pq-jvhm Low
GHSA-9f2c-xxfm-32mj was published for personnummer (Pub) Jan 11, 2023 withdrawn
Conductor.exe in Intrinsic Swimage Encore before 5.0.1.21 contains a hardcoded password, which... Low Unreviewed
CVE-2008-6191 was published May 17, 2022
The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12... Low Unreviewed
CVE-2008-5825 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in IBM Workplace Content Management (WCM) 6.0G and 6.1... Low Unreviewed
CVE-2008-5228 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.12 and 6.x before 6.6 allows... Low Unreviewed
CVE-2008-6170 was published May 17, 2022
Buffer overflow in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0... Low Unreviewed
CVE-2016-0385 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Movable Type 4 through 4.21 allows remote attackers... Low Unreviewed
CVE-2008-4634 was published May 17, 2022
An issue was discovered in PrimeKey EJBCA before 7.6.0. As part of the configuration of the... Low Unreviewed
CVE-2021-40086 was published May 24, 2022
Cross-site scripting (XSS) vulnerability in the Ajax Checklist module 5.x before 5.x-1.1 for... Low Unreviewed
CVE-2008-5999 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Simplenews module 5.x before 5.x-1.5 and 6.x... Low Unreviewed
CVE-2008-5996 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database