GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
12,429 advisories
An authentication issue was addressed with improved state management. This issue is fixed in...
Low | Unreviewed | CVE-2022-22656 was published Mar 19, 2022
An issue with app access to camera metadata was addressed with improved logic. This issue is...
Low | Unreviewed | CVE-2022-22598 was published Mar 19, 2022
Description: A permissions issue was addressed with improved validation. This issue is fixed in...
Low | Unreviewed | CVE-2022-22599 was published Mar 19, 2022
An insecure permissions vulnerability in Snapt Aria v12.8 allows unauthenticated attackers to...
Low | Unreviewed | CVE-2022-24236 was published Mar 22, 2022
Renderers can obtain access to random bluetooth device without permission in Electron
Low | CVE-2022-21718 was published for electron (npm) Mar 22, 2022
Philips Gemini PET/CT family software stores sensitive information in a removable media device...
Low | Unreviewed | CVE-2021-27456 was published Mar 24, 2022
Twig Sandbox Information Disclosure
Low | CVE-2019-9942 was published for twig/twig (Composer) Mar 26, 2022
A vulnerability classified as problematic has been found in Mirmay Secure Private Browser and...
Low | Unreviewed | CVE-2018-25030 was published Mar 29, 2022
Discoverability of user password hash in Statamic CMS
Low | CVE-2022-24784 was published for statamic/cms (Composer) Mar 29, 2022
SaltStack Salt Improper Authentication via Man in the Middle Attack
Low | CVE-2022-22935 was published for salt (pip) Mar 30, 2022
In ArrayMap, there is a possible leak of the content of SMS messages due to log information...
Low | Unreviewed | CVE-2021-39739 was published Mar 31, 2022
A flaw was found in the Linux kernel's implementation of audit rules, where a syscall can...
Low | Unreviewed | CVE-2020-35501 was published Mar 31, 2022
Reflected Cross Site Scripting in GitHub repository openemr/openemr prior to 6.0.0.4.
Low | Unreviewed | CVE-2022-1180 was published Mar 31, 2022
Raidrive before v2021.12.35 allows attackers to arbitrarily move log files by pre-creating a...
Low | Unreviewed | CVE-2022-27049 was published Apr 2, 2022
Cross-Site Request Forgery in YOURLS
Low | CVE-2022-0088 was published for yourls/yourls (Composer) Apr 4, 2022
A business logic error in Project Import in GitLab CE/EE versions 14.9 prior to 14.9.2, 14.8...
Low | Unreviewed | CVE-2022-1111 was published Apr 5, 2022
XSS Injection Vulnerability
Low | GHSA-wf98-vxv9-jqfv was published for craftcms/cms (Composer) Apr 5, 2022
Improper access control vulnerability in Samsung Members prior to version 13.6.08.5 allows local...
Low | Unreviewed | CVE-2022-28777 was published Apr 12, 2022
Improper access control vulnerability in Samsung Security Supporter prior to version 1.2.40.0...
Low | Unreviewed | CVE-2022-28778 was published Apr 12, 2022
Improper access control vulnerability in Samsung Flow prior to version 4.8.06.5 allows attacker...
Low | Unreviewed | CVE-2022-28775 was published Apr 12, 2022
Improper boundary check in media.extractor library prior to SMR Apr-2022 Release 1 allows...
Low | Unreviewed | CVE-2022-27832 was published Apr 12, 2022
Improper authentication in ImsService prior to SMR Apr-2022 Release 1 allows attackers to get...
Low | Unreviewed | CVE-2022-25833 was published Apr 12, 2022
Improper access control vulnerability in SamsungContacts prior to SMR Apr-2022 Release 1 allows...
Low | Unreviewed | CVE-2022-26090 was published Apr 12, 2022
Missing sanitization of logged exception messages in all versions prior to 14.7.7, 14.8 prior to...
Low | Unreviewed | CVE-2022-1157 was published Apr 12, 2022
Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability...
Low | Unreviewed | CVE-2022-24413 was published Apr 13, 2022
ProTip! Advisories are also available from the GraphQL API.