GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
12,432 advisories
Hard-coded credentials in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the...
Low | Unreviewed | CVE-2020-25168 was published Apr 15, 2022

Exposure of Resource to Wrong Sphere in Simple-Wayland-HotKey-Daemon
Low | CVE-2022-27814 was published for Simple-Wayland-HotKey-Daemon (Rust) Apr 15, 2022

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General)....
Low | Unreviewed | CVE-2022-21485 was published Apr 20, 2022

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General)....
Low | Unreviewed | CVE-2022-21484 was published Apr 20, 2022

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General)....
Low | Unreviewed | CVE-2022-21486 was published Apr 20, 2022

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The...
Low | Unreviewed | CVE-2022-21488 was published Apr 20, 2022

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The...
Low | Unreviewed | CVE-2022-21487 was published Apr 20, 2022

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ...
Low | Unreviewed | CVE-2022-21443 was published Apr 20, 2022

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions...
Low | Unreviewed | CVE-2022-21423 was published Apr 20, 2022

NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication...
Low | Unreviewed | CVE-2006-7246 was published Apr 21, 2022

In Linux 2.6 before 2.6.23, the TRACE_IRQS_ON function in iret_exc calls a C function without...
Low | Unreviewed | CVE-2007-3732 was published Apr 21, 2022

alsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a...
Low | Unreviewed | CVE-2009-0035 was published Apr 21, 2022

In RHEV-M VDC 2.2.0, it was found that the SSL certificate was not verified when using the client...
Low | Unreviewed | CVE-2009-3552 was published Apr 21, 2022

liboping 1.3.2 allows users reading arbitrary files upon the local system.
Low | Unreviewed | CVE-2009-3614 was published Apr 21, 2022

MySQL-GUI-tools (mysql-administrator) leaks passwords into process list after with launch of...
Low | Unreviewed | CVE-2010-4178 was published Apr 21, 2022

Locale module and dependent contributed modules in Drupal 6.x before 6.16 and 5.x before version...
Low | Unreviewed | CVE-2010-2472 was published Apr 21, 2022

Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly block users under certain...
Low | Unreviewed | CVE-2010-2473 was published Apr 21, 2022

The update{_bad,}_phishing_sites scripts in mailscanner 4.79.11-2 downloads files and trusts them...
Low | Unreviewed | CVE-2010-3292 was published Apr 21, 2022

mailscanner before 4.79.11-2.1 might allow local users to overwrite arbitrary files via a symlink...
Low | Unreviewed | CVE-2010-3095 was published Apr 21, 2022

babiloo 2.0.9 before 2.0.11 creates temporary files with predictable names when downloading and...
Low | Unreviewed | CVE-2010-3440 was published Apr 21, 2022

389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server...
Low | Unreviewed | CVE-2010-3282 was published Apr 21, 2022

Openstack nova qcow format could expose host filesystem information
Low | CVE-2011-3147 was published for nova (pip) Apr 22, 2022

Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4...
Low | Unreviewed | CVE-2011-4629 was published Apr 22, 2022

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are...
Low | Unreviewed | CVE-2011-1488 was published Apr 22, 2022

Zikula 1.3.0 build #3168 and probably prior has XSS flaw due to improper sanitization of the ...
Low | Unreviewed | CVE-2011-3352 was published Apr 22, 2022

ProTip! Advisories are also available from the GraphQL API