GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
12,432 advisories
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General)....
Low • Unreviewed • CVE-2022-21313 was published Jan 20, 2022

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General)....
Low • Unreviewed • CVE-2022-21311 was published Jan 20, 2022

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General)....
Low • Unreviewed • CVE-2022-21312 was published Jan 20, 2022

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Install). The supported...
Low • Unreviewed • CVE-2022-21298 was published Jan 20, 2022

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The...
Low • Unreviewed • CVE-2022-21295 was published Jan 20, 2022

Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle...
Low • Unreviewed • CVE-2022-21268 was published Jan 20, 2022

Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle...
Low • Unreviewed • CVE-2022-21267 was published Jan 20, 2022

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer)....
Low • Unreviewed • CVE-2022-21265 was published Jan 20, 2022

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported...
Low • Unreviewed • CVE-2022-21249 was published Jan 20, 2022

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are...
Low • Unreviewed • CVE-2022-21247 was published Jan 20, 2022

Observable Discrepancy and Observable Timing Discrepancy in Jenkins Configuration as Code Plugin
Low • CVE-2022-23106 was published for io.jenkins:configuration-as-code (Maven) Jan 21, 2022

Rapid7 Insight Agent, versions prior to 3.1.3, suffer from an improper access control...
Low • Unreviewed • CVE-2021-4016 was published Jan 22, 2022

This vulnerability allows local attackers to disclose sensitive information on affected...
Low • Unreviewed • CVE-2021-35005 was published Jan 25, 2022

Escalation of privileges vulnerability in Micro Focus in Micro Focus Operations Agent, affecting...
Low • Unreviewed • CVE-2021-38129 was published Jan 26, 2022

Withdrawn: Code Injection in loguru
Low • CVE-2022-0329 was published for loguru (pip) Jan 28, 2022 • withdrawn

Insufficient user authorization in Moodle
Low • CVE-2022-0333 was published for moodle/moodle (Composer) Jan 28, 2022

A CWE-331: Insufficient Entropy vulnerability exists that could cause unintended connection from...
Low • Unreviewed • CVE-2021-22799 was published Jan 29, 2022

Potential proxy IP restriction bypass in Kubernetes
Low • CVE-2020-8562 was published for k8s.io/kubernetes (Go) Feb 2, 2022

Full list of recipients from customer users in a contact field could be disclosed in notification...
Low • Unreviewed • CVE-2022-0474 was published Feb 8, 2022

OCI Manifest Type Confusion Issue
Low • GHSA-qq97-vm5h-rrhg was published for github.com/docker/distribution (Go) Feb 8, 2022

Generation of Error Message Containing Sensitive Information in Keycloak
Low • CVE-2020-1717 was published for org.keycloak:keycloak-parent (Maven) Feb 9, 2022

Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible
Low • CVE-2020-10744 was published for ansible (pip) Feb 9, 2022

Data Amplification in Play Framework
Low • CVE-2020-28923 was published for com.typesafe.play:play (Maven) Feb 9, 2022

In ArangoDB, versions v3.7.0 through v3.9.0-alpha.1 have a feature which allows downloading a...
Low • Unreviewed • CVE-2021-25939 was published Feb 10, 2022
ProTip! Advisories are also available from the GraphQL API