GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,504
Maven: 5,000+
npm: 4,149
NuGet: 735
pip: 3,949
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
845 advisories
Windows OS can be configured to overlay a “language bar” on top of any application. When this OS...
Critical | Unreviewed | CVE-2022-1467 was published May 24, 2022

Multi Store Inventory Management System v1.0 was discovered to contain an information disclosure...
High | Unreviewed | CVE-2022-28991 was published May 21, 2022

IBM Security Identity Governance and Intelligence 5.2.4, 5.2.5, and 5.2.6 could allow a remote...
Moderate | Unreviewed | CVE-2020-4970 was published May 20, 2022

Missing input masking in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6,...
High | Unreviewed | CVE-2022-1413 was published May 20, 2022

An access control issue in TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129...
Moderate | Unreviewed | CVE-2022-29646 was published May 19, 2022

An information disclosure vulnerability in UniverSIS-Students before v1.5.0 allows attackers to...
Moderate | Unreviewed | CVE-2022-28924 was published May 19, 2022

IBM Security Identity Governance and Intelligence 5.2.6 could disclose sensitive information in...
Moderate | Unreviewed | CVE-2020-4957 was published May 18, 2022

Pen 0.18.0 has Insecure Temporary File Creation vulnerabilities
Moderate | Unreviewed | CVE-2014-2387 was published May 17, 2022

OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary...
High | Unreviewed | CVE-2014-0023 was published May 17, 2022

Pages that are rendered using the ESI plugin can have access to the cookie header when the plugin...
Moderate | Unreviewed | CVE-2018-8040 was published May 13, 2022

A remote bypass of security restrictions vulnerability was identified in HPE Moonshot...
Critical | Unreviewed | CVE-2018-7072 was published May 13, 2022

A local arbitrary file modification vulnerability was identified in HPE Moonshot Provisioning...
Moderate | Unreviewed | CVE-2018-7073 was published May 13, 2022

The ARM-based hardware debugging feature on Raspberry Pi 3 module B+ and possibly other devices...
Critical | Unreviewed | CVE-2018-18068 was published May 13, 2022

An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A...
High | Unreviewed | CVE-2018-15591 was published May 13, 2022

An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure handling of temporary...
High | Unreviewed | CVE-2018-10361 was published May 13, 2022

ME906s-158 earlier than ME906S_Installer_13.1805.10.3 versions has a privilege elevation...
High | Unreviewed | CVE-2017-8185 was published May 13, 2022

Huawei smart phones with software earlier than Vicky-AL00AC00B172D versions have a Factory Reset...
Moderate | Unreviewed | CVE-2017-8171 was published May 13, 2022

EVA-L09 smartphones with software Earlier than EVA-L09C25B150CUSTC25D003 versions, Earlier than...
Moderate | Unreviewed | CVE-2017-8161 was published May 13, 2022

tcpdf before 6.2.0 uploads files from the server generating PDF-files to an external FTP.
High | Unreviewed | CVE-2017-6100 was published May 13, 2022

The Norwegian Air Shuttle (aka norwegian.com) airline kiosk allows physically proximate attackers...
High | Unreviewed | CVE-2017-5634 was published May 13, 2022

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile and...
Critical | Unreviewed | CVE-2017-18129 was published May 13, 2022

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon...
High | Unreviewed | CVE-2017-18073 was published May 13, 2022

Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks...
High | Unreviewed | CVE-2017-16660 was published May 13, 2022

An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of...
High | Unreviewed | CVE-2017-15592 was published May 13, 2022

Insufficient Policy Enforcement in Devtools remote debugging in Google Chrome prior to 62.0.3202...
High | Unreviewed | CVE-2017-15393 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.