GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
845 advisories
Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from...
Moderate | Unreviewed | CVE-2022-29120 was published May 11, 2022

Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from...
Moderate | Unreviewed | CVE-2022-29122 was published May 11, 2022

Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from...
Moderate | Unreviewed | CVE-2022-29123 was published May 11, 2022

In the KeepKey firmware before 7.3.2, the bootloader can be exploited in unusual situations in...
Moderate | Unreviewed | CVE-2022-30330 was published May 8, 2022

Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in...
Moderate | Unreviewed | CVE-2022-30334 was published May 8, 2022

SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information...
High | Unreviewed | CVE-2022-29500 was published May 6, 2022

Monkey HTTP Daemon has local security bypass
High | Unreviewed | CVE-2013-2183 was published May 5, 2022

Insecure temporary file vulnerability in RedHat vsdm 4.9.6.
Moderate | Unreviewed | CVE-2013-4280 was published May 5, 2022

An insecurity temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25...
High | Unreviewed | CVE-2013-4374 was published May 5, 2022

An improper access control vulnerability [CWE-284] in FortiOS versions 6.4.8 and prior and 7.0.3...
Moderate | Unreviewed | CVE-2021-41032 was published May 5, 2022

PingID Desktop prior to 1.7.3 has a misconfiguration in the encryption libraries which can lead...
Critical | Unreviewed | CVE-2021-42001 was published May 3, 2022

Acme Thttpd Secure Webserver before 2.22, with the chroot option enabled, allows remote attackers...
Moderate | Unreviewed | CVE-2001-0892 was published Apr 30, 2022

Acme mini_httpd before 1.16 allows remote attackers to view sensitive files under the document...
Moderate | Unreviewed | CVE-2001-0893 was published Apr 30, 2022

Opera 7.54 and earlier does not properly limit an applet's access to internal Java packages from...
Low | Unreviewed | CVE-2004-1489 was published Apr 29, 2022

cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains...
Moderate | Unreviewed | CVE-2022-29869 was published Apr 29, 2022

In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was...
Low | Unreviewed | CVE-2022-29820 was published Apr 29, 2022

A vulnerability in Zoom On-Premise Meeting Connector Controller version 4.8.102.20220310 and On...
High | Unreviewed | CVE-2022-22783 was published Apr 29, 2022

An access control issue in Zammad v5.0.3 broadcasts administrative configuration changes to all...
Moderate | Unreviewed | CVE-2022-27331 was published Apr 28, 2022

An access control issue in Zammad v5.0.3 allows attackers to write entries to the CTI caller log...
Critical | Unreviewed | CVE-2022-27332 was published Apr 28, 2022

IBM QRadar SIEM 7.3, 7.4, and 7.5 allows for users to access information across tenant and domain...
Moderate | Unreviewed | CVE-2021-38874 was published Apr 28, 2022

LibreOffice and OpenOffice automatically open embedded content
Moderate | Unreviewed | CVE-2012-5639 was published Apr 23, 2022

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 could allow a remote attacker to obtain...
Moderate | Unreviewed | CVE-2021-38904 was published Apr 23, 2022

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 could allow an authenticated user to view report...
Moderate | Unreviewed | CVE-2021-38905 was published Apr 23, 2022

Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user...
Moderate | Unreviewed | CVE-2008-2544 was published Apr 21, 2022

Mondo 2.24 has insecure handling of temporary files.
Critical | Unreviewed | CVE-2007-3915 was published Apr 21, 2022