Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,429 advisories

Loading
Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability. Low Unreviewed
CVE-2022-24465 was published Mar 10, 2022
Media Foundation Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22010. Low Unreviewed
CVE-2022-21977 was published Mar 10, 2022
Shopware user session is not logged out if the password is reset via password recovery Low
CVE-2022-24744 was published for shopware/core (Composer) Mar 10, 2022
tdunlap607
Path traversal in org.postgresql:postgresql Low
CVE-2022-26520 was published for org.postgresql:postgresql (Maven) Mar 11, 2022
Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751... Low Unreviewed
CVE-2022-25830 was published Mar 11, 2022
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741... Low Unreviewed
CVE-2022-25823 was published Mar 11, 2022
Information Exposure vulnerability in Watch Active Plugin prior to version 2.2.07.22012751 allows... Low Unreviewed
CVE-2022-25828 was published Mar 11, 2022
Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751... Low Unreviewed
CVE-2022-25829 was published Mar 11, 2022
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows... Low Unreviewed
CVE-2022-25827 was published Mar 11, 2022
Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows... Low Unreviewed
CVE-2022-25826 was published Mar 11, 2022
Improper access control vulnerability in BixbyTouch prior to version 2.2.00.6 in China models... Low Unreviewed
CVE-2022-25824 was published Mar 11, 2022
Improper authentication in One UI Home prior to SMR Mar-2022 Release 1 allows attacker to... Low Unreviewed
CVE-2022-25817 was published Mar 11, 2022
Unprotected Activity in AppLock prior to SMR Mar-2022 Release 1 allows attacker to change the... Low Unreviewed
CVE-2022-24929 was published Mar 11, 2022
A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with... Low Unreviewed
CVE-2021-3981 was published Mar 11, 2022
Infinite loop in Pillow Low
GHSA-4fx9-vc88-q2xc was published for Pillow (pip) Mar 11, 2022
** DISPUTED ** An issue was discovered in OpenSSH before 8.9. If a client is using public-key... Low Unreviewed
CVE-2021-36368 was published Mar 14, 2022
Inconsistent storage layout for ERC2771ContextUpgradeable Low
GHSA-7j52-6fjp-58gr was published for @openzeppelin/contracts-upgradeable (npm) Mar 14, 2022
IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse... Low Unreviewed
CVE-2022-22348 was published Mar 15, 2022
Client Secret stored in plain text by Jenkins GitLab Authentication Plugin Low
CVE-2022-27206 was published for org.jenkins-ci.plugins:gitlab-oauth (Maven) Mar 16, 2022
NotMyFault
Sensitive parameter values captured in build metadata files by Jenkins Parameterized Trigger Plugin Low
CVE-2022-27195 was published for org.jenkins-ci.plugins:parameterized-trigger (Maven) Mar 16, 2022
NotMyFault
Hidden functionality in node-ipc Low
GHSA-8gr3-2gjw-jj7g was published for node-ipc (npm) Mar 16, 2022
node-ipc behavior change Low
GHSA-3mpp-xfvh-qh37 was published for node-ipc (npm) Mar 16, 2022
pallost
A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not... Low Unreviewed
CVE-2022-26354 was published Mar 17, 2022
Adobe Character Animator version 4.4 (and earlier versions) are affected by an out-of-bounds read... Low Unreviewed
CVE-2021-40769 was published Mar 17, 2022
Adobe Character Animator version 4.4 (and earlier versions) are affected by an out-of-bounds read... Low Unreviewed
CVE-2021-40766 was published Mar 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database