GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
567 advisories
vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated...
Moderate | Unreviewed | CVE-2022-31708 was published Dec 21, 2022

Unregistered users can see "public" messages from a closed wiki via notifications from a different wiki
Moderate | CVE-2025-32783 was published for org.xwiki.platform:xwiki-platform-messagestream (Maven) Apr 16, 2025

A website that had permission to access the microphone could record audio without the audio...
Moderate | Unreviewed | CVE-2022-38474 was published Dec 22, 2022

Planet eStream before 6.72.10.07 discloses sensitive information, related to the ON cookie ...
Moderate | Unreviewed | CVE-2022-45895 was published Dec 25, 2022

In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), an attacker...
Moderate | Unreviewed | CVE-2019-9011 was published Dec 26, 2022

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37...
Moderate | Unreviewed | CVE-2021-44854 was published Dec 26, 2022

Windows Installer Information Disclosure Vulnerability
Moderate | Unreviewed | CVE-2023-32016 was published Jun 14, 2023

Windows TCP/IP Information Disclosure Vulnerability
Moderate | Unreviewed | CVE-2023-38160 was published Sep 12, 2023

An issue was discovered in the CheckUser extension for MediaWiki through 1.39.x. Various...
Moderate | Unreviewed | CVE-2022-39193 was published Jan 20, 2023

Acme mini_httpd before 1.16 allows remote attackers to view sensitive files under the document...
Moderate | Unreviewed | CVE-2001-0893 was published Apr 30, 2022

Acme Thttpd Secure Webserver before 2.22, with the chroot option enabled, allows remote attackers...
Moderate | Unreviewed | CVE-2001-0892 was published Apr 30, 2022

ownCloud Server 10.x before 10.3.1 allows an attacker, who has one outgoing share from a victim,...
Moderate | Unreviewed | CVE-2020-36252 was published May 24, 2022

An information disclosure vulnerability in Totolink A830R V4.1.2cu.5182 allows attackers to...
Moderate | Unreviewed | CVE-2022-48067 was published Jan 27, 2023

A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of...
Moderate | Unreviewed | CVE-2024-40725 was published Jul 18, 2024

This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6...
Moderate | Unreviewed | CVE-2022-32896 was published Feb 27, 2023

Authenticated (admin+) Arbitrary File Read vulnerability in XplodedThemes WPide plugin <= 2.6 at...
Moderate | Unreviewed | CVE-2022-35235 was published Aug 24, 2022

Authenticated (custom plugin role) Arbitrary File Read via Export function vulnerability in...
Moderate | Unreviewed | CVE-2022-31475 was published Jul 22, 2022

Apache Cassandra: unrestricted deserialization of JMX authentication credentials
Moderate | CVE-2024-27137 was published for org.apache.cassandra:cassandra-all (Maven) Feb 4, 2025

Duplicate Advisory: httparty has multipart/form-data request tampering vulnerability
Moderate | GHSA-g47j-3m2m-74qv was published for httparty (RubyGems) Jan 4, 2024 • withdrawn

Apache InLong: General user can delete and update process
Moderate | CVE-2023-34189 was published for org.apache.inlong:inlong-manager (Maven) Jul 25, 2023

ServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass...
Moderate | Unreviewed | CVE-2022-43684 was published Jun 13, 2023

An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of...
Moderate | Unreviewed | CVE-2024-21605 was published Apr 12, 2024

Protection mechanism failure in firmware for some Intel(R) SSD DC Products may allow a privileged...
Moderate | Unreviewed | CVE-2021-33079 was published Sep 21, 2022

Protection mechanism failure in firmware for some Intel(R) SSD DC Products may allow a privileged...
Moderate | Unreviewed | CVE-2021-33081 was published Sep 21, 2022

Dell NativeEdge, version(s) 2.1.0.0, contain(s) a Creation of Temporary File With Insecure...
Moderate | Unreviewed | CVE-2024-52543 was published Dec 25, 2024

ProTip! Advisories are also available from the GraphQL API.