GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,504
Maven: 5,000+
npm: 4,149
NuGet: 735
pip: 3,949
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
845 advisories
YzmCMS 3.6 allows remote attackers to discover the full path via a direct request to application...
Severity: Moderate. Unreviewed. CVE-2018-7479 was published May 13, 2022.

DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include...
Severity: High. Unreviewed. CVE-2018-6910 was published May 13, 2022.

EmpireCMS 6.6 through 7.2 allows remote attackers to discover the full path via an array value...
Severity: Moderate. Unreviewed. CVE-2018-6880 was published May 13, 2022.

fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary...
Severity: Moderate. Unreviewed. CVE-2017-17087 was published May 13, 2022.

Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the...
Severity: High. Unreviewed. CVE-2013-4480 was published May 13, 2022.

Microsoft Internet Explorer 6 through 8 does not properly restrict web script, which allows user...
Severity: Moderate. Unreviewed. CVE-2011-1258 was published May 13, 2022.

Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers,...
Severity: Moderate. Unreviewed. CVE-2011-1960 was published May 13, 2022.

hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares...
Severity: Low. Unreviewed. CVE-2019-8934 was published May 13, 2022.

VMware Identity Manager 2.x before 2.7.1 and vRealize Automation 7.x before 7.2.0 allow remote...
Severity: Moderate. Unreviewed. CVE-2016-5334 was published May 13, 2022.

Sensitive information accessible by physical probing of JTAG interface for some Intel(R)...
Severity: Low. Unreviewed. CVE-2022-0005 was published May 13, 2022.

An attacker, who gained elevated privileges via some other vulnerability, may be able to read...
Severity: High. Unreviewed. CVE-2021-26366 was published May 13, 2022.

A malicious or compromised UApp or ABL could potentially change the value that the ASP uses for...
Severity: Moderate. Unreviewed. CVE-2021-26363 was published May 13, 2022.

A malicious or compromised User Application (UApp) or AGESA Boot Loader (ABL) could be used by an...
Severity: Moderate. Unreviewed. CVE-2021-26361 was published May 13, 2022.

Failure to verify the protocol in SMM may allow an attacker to control the protocol and modify...
Severity: High. Unreviewed. CVE-2021-26317 was published May 13, 2022.

The vulnerability was discovered within the “FaviconService”. The service takes a base64-encoded...
Severity: High. Unreviewed. CVE-2021-27770 was published May 13, 2022.

Information leakage occurs when a website reveals information that could aid an attacker to...
Severity: Moderate. Unreviewed. CVE-2021-27769 was published May 13, 2022.

An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV...
Severity: Moderate. Unreviewed. CVE-2021-46744 was published May 12, 2022.

Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE...
Severity: Moderate. Unreviewed. CVE-2022-22011 was published May 11, 2022.

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability.
Severity: Moderate. Unreviewed. CVE-2022-22015 was published May 11, 2022.

Windows NTFS Information Disclosure Vulnerability.
Severity: Moderate. Unreviewed. CVE-2022-26933 was published May 11, 2022.

Windows Server Service Information Disclosure Vulnerability.
Severity: Moderate. Unreviewed. CVE-2022-26936 was published May 11, 2022.

Windows WLAN AutoConfig Service Information Disclosure Vulnerability.
Severity: Moderate. Unreviewed. CVE-2022-26935 was published May 11, 2022.

Windows Failover Cluster Information Disclosure Vulnerability.
Severity: Moderate. Unreviewed. CVE-2022-29102 was published May 11, 2022.

Remote Desktop Protocol Client Information Disclosure Vulnerability.
Severity: Moderate. Unreviewed. CVE-2022-26940 was published May 11, 2022.

Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE...
Severity: Moderate. Unreviewed. CVE-2022-29112 was published May 11, 2022.
ProTip! Advisories are also available from the GraphQL API.