GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,504
Maven: 5,000+
npm: 4,149
NuGet: 735
pip: 3,949
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
845 advisories
The component /rootfs in RageFile of Stepmania v5.1b2 and below allows attackers access to the...
Critical | Unreviewed | CVE-2022-25010 was published Mar 3, 2022
An issue was discovered in Zoho ManageEngine Key Manager Plus 6.1.6. A user, with the level...
Moderate | Unreviewed | CVE-2022-24446 was published Mar 2, 2022
An improper input validation in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and...
Moderate | Unreviewed | CVE-2020-15936 was published Mar 2, 2022
The auto-completion plugin in Ametys CMS before 4.5.0 allows a remote unauthenticated attacker to...
Moderate | Unreviewed | CVE-2022-26159 was published Mar 1, 2022
** DISPUTED ** The Visual Voice Mail (VVM) application through 2022-02-24 for Android allows...
High | Unreviewed | CVE-2022-23835 was published Feb 26, 2022
In JetBrains TeamCity before 2021.2.1, an unauthenticated attacker can cancel running builds via...
Moderate | Unreviewed | CVE-2022-24336 was published Feb 26, 2022
seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with escalated privileges when...
Critical | Unreviewed | CVE-2022-25643 was published Feb 25, 2022
An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10...
Moderate | Unreviewed | CVE-2022-25375 was published Feb 21, 2022
An issue was discovered in Cerebrate through 1.4. An incorrect sharing group ACL allowed an...
Moderate | Unreviewed | CVE-2022-25318 was published Feb 19, 2022
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator...
Critical | Unreviewed | CVE-2022-25236 was published Feb 17, 2022
CobaltStrike <=4.5 HTTP(S) listener does not determine whether the request URL begins with "/",...
High | Unreviewed | CVE-2022-23317 was published Feb 16, 2022
Splashtop Streamer through 3.4.8.3 creates a Temporary File in a Directory with Insecure...
High | Unreviewed | CVE-2021-42712 was published Feb 16, 2022
** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by information...
High | Unreviewed | CVE-2021-45421 was published Feb 15, 2022
Policy bypass in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak...
Moderate | Unreviewed | CVE-2022-0117 was published Feb 13, 2022
The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did...
Moderate | Unreviewed | CVE-2021-45402 was published Feb 12, 2022
A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of...
High | Unreviewed | CVE-2021-22785 was published Feb 12, 2022
In clear_data_dlg_text of strings.xml, there is a possible situation when "Clear storage"...
Moderate | Unreviewed | CVE-2021-39631 was published Feb 12, 2022
The --mirror documentation for Git through 2.35.1 does not mention the availability of deleted...
High | Unreviewed | CVE-2022-24975 was published Feb 12, 2022
Improper isolation of shared resources in network on chip for the Intel(R) 82599 Ethernet...
Moderate | Unreviewed | CVE-2021-33096 was published Feb 11, 2022
In Stormshield 1.1.0, and 2.1.0 through 2.9.0, an attacker can block a client from accessing the...
Moderate | Unreviewed | CVE-2021-31814 was published Feb 11, 2022
In Zammad 5.0.2, agents can configure "out of office" periods and substitute persons. If the...
Moderate | Unreviewed | CVE-2021-44886 was published Feb 10, 2022
A potential Information leakage vulnerability has been identified in versions of Micro Focus...
Moderate | Unreviewed | CVE-2021-38130 was published Feb 10, 2022
Thinfinity VirtualUI 2.1.28.0, 2.1.32.1 and 2.5.26.2, fixed in version 3.0 is affected by an...
High | Unreviewed | CVE-2021-46354 was published Feb 10, 2022
Windows Remote Access Connection Manager Information Disclosure Vulnerability.
Moderate | Unreviewed | CVE-2022-21985 was published Feb 10, 2022
Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability.
High | Unreviewed | CVE-2022-21993 was published Feb 10, 2022
ProTip! Advisories are also available from the GraphQL API.