Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

845 advisories

Loading
Windows Common Log File System Driver Information Disclosure Vulnerability. Moderate Unreviewed
CVE-2022-21998 was published Feb 10, 2022
Microsoft Office Information Disclosure Vulnerability. Moderate Unreviewed
CVE-2022-23252 was published Feb 10, 2022
Microsoft Power BI Information Disclosure Vulnerability. Moderate Unreviewed
CVE-2022-23254 was published Feb 10, 2022
Microsoft Excel Information Disclosure Vulnerability. Moderate Unreviewed
CVE-2022-22716 was published Feb 10, 2022
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct... High Unreviewed
CVE-2021-42641 was published Feb 9, 2022
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct... Critical Unreviewed
CVE-2021-42640 was published Feb 9, 2022
In DataEase v1.6.1, an authenticated user can gain unauthorized access to all user information... High Unreviewed
CVE-2022-23331 was published Feb 9, 2022
UNIVERGE DT 820 V3.2.7.0 and prior, UNIVERGE DT 830 V5.2.7.0 and prior, UNIVERGE DT 930 V2.4.0.0... Moderate Unreviewed
CVE-2021-44746 was published Feb 8, 2022
NVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability which can... Critical Unreviewed
CVE-2022-21817 was published Feb 8, 2022
The Document Embedder WordPress plugin before 1.7.9 contains a AJAX action endpoint, which could... Moderate Unreviewed
CVE-2021-24868 was published Feb 2, 2022
The Document Embedder WordPress plugin before 1.7.5 contains a REST endpoint, which could allow... Moderate Unreviewed
CVE-2021-24775 was published Feb 2, 2022
Adenza AxiomSL ControllerView through 10.8.1 is vulnerable to user enumeration. An attacker can... Moderate Unreviewed
CVE-2022-24032 was published Jan 31, 2022
An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An attacker can... Moderate Unreviewed
CVE-2022-23856 was published Jan 25, 2022
In a Junos Fusion scenario an External Control of Critical State Data vulnerability in the... Moderate Unreviewed
CVE-2022-22154 was published Jan 20, 2022
An issue was discovered in Delta RM 1.2. It is possible for an unprivileged user to access the... Moderate Unreviewed
CVE-2021-44837 was published Jan 20, 2022
In all versions of GitLab CE/EE since version 12.0, a lower privileged user can import users from... Moderate Unreviewed
CVE-2021-39892 was published Jan 19, 2022
An issue was discovered in Delta RM 1.2. Using the /risque/risque/ajax-details endpoint, with a... Moderate Unreviewed
CVE-2021-44838 was published Jan 19, 2022
The broadcast that DevicePickerFragment sends when a new device is paired doesn't have any... Moderate Unreviewed
CVE-2021-1037 was published Jan 15, 2022
In StatusBar.java, there is a possible disclosure of notification content on the lockscreen due... Low Unreviewed
CVE-2021-39628 was published Jan 15, 2022
In gre_handle_offloads of ip_gre.c, there is a possible page fault due to an invalid memory... Moderate Unreviewed
CVE-2021-39633 was published Jan 15, 2022
In SAP NetWeaver AS for ABAP and ABAP Platform - versions 701, 702, 711, 730, 731, 740, 750, 751,... Moderate Unreviewed
CVE-2021-42067 was published Jan 15, 2022
Lack of validation for third party application accessing the service can lead to information... Moderate Unreviewed
CVE-2021-30314 was published Jan 14, 2022
IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 as well as IBM Rational Team Concert 6... Moderate Unreviewed
CVE-2021-29701 was published Jan 12, 2022
Windows GDI+ Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21915. High Unreviewed
CVE-2022-21880 was published Jan 12, 2022
Windows GDI Information Disclosure Vulnerability. High Unreviewed
CVE-2022-21904 was published Jan 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database