GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 37
GitHub Actions: 36
Go: 2,500
Maven: 5,000+
npm: 4,147
NuGet: 735
pip: 3,948
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
295 advisories

"Newsletter subscriber management" (fp_newsletter) TYPO3 extension leaks subscriber data
High | CVE-2022-47410 was published for fixpunkt/fp-newsletter (Composer) Dec 14, 2022

Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitHub repository...
High | Unreviewed | CVE-2022-4366 was published Dec 8, 2022

HTSJDK is vulnerable to exposure of resource(s) to the wrong sphere
High | CVE-2022-21126 was published for com.github.samtools:htsjdk (Maven) Nov 29, 2022

PHPGurukul Blood Donor Management System 1.0 does not properly restrict access to admin/dashboard...
High | Unreviewed | CVE-2022-38813 was published Nov 25, 2022

ManyDesigns Portofino subject to creation of insecure temporary file
High | CVE-2022-3952 was published for com.manydesigns:portofino (Maven) Nov 11, 2022

The LBS module has a vulnerability in geofencing API access. Successful exploitation of this...
High | Unreviewed | CVE-2022-44549 was published Nov 10, 2022

A vulnerability in Hitachi Vantara Pentaho Business Analytics Server versions before 9.2.0.2 and...
High | Unreviewed | CVE-2021-45446 was published Nov 2, 2022

The deployment script in the unsupported "OpenShift Extras" set of add-on scripts, in Red Hat...
High | Unreviewed | CVE-2013-4253 was published Oct 19, 2022

Improper access control vulnerability cloudNotificationManager.java in SmartThings prior to...
High | Unreviewed | CVE-2022-39871 was published Oct 7, 2022

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to...
High | Unreviewed | CVE-2022-39870 was published Oct 7, 2022

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to...
High | Unreviewed | CVE-2022-39869 was published Oct 7, 2022

Improper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version...
High | Unreviewed | CVE-2022-39866 was published Oct 7, 2022

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to...
High | Unreviewed | CVE-2022-39867 was published Oct 7, 2022

Improper access control vulnerability in ContentsSharingActivity.java SmartThings prior to...
High | Unreviewed | CVE-2022-39865 was published Oct 7, 2022

Improper access control vulnerability in GedSamsungAccount.kt SmartThings prior to version 1.7.89...
High | Unreviewed | CVE-2022-39868 was published Oct 7, 2022

Improper access control vulnerability in WifiSetupLaunchHelper in SmartThings prior to version 1...
High | Unreviewed | CVE-2022-39864 was published Oct 7, 2022

IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using...
High | Unreviewed | CVE-2022-22480 was published Oct 7, 2022

IBM Maximo Asset Management 7.6.1.1 and 7.6.1.2 could allow a remote attacker to obtain sensitive...
High | Unreviewed | CVE-2021-38924 was published Sep 15, 2022

SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Information Disclosure Vulnerability.
High | Unreviewed | CVE-2022-37958 was published Sep 14, 2022

A vulnerability in the binding configuration of Cisco SD-WAN vManage Software containers could...
High | Unreviewed | CVE-2022-20696 was published Sep 9, 2022

A local file inclusion (LFI) vulnerability in D-Link DIR 819 v1.06 allows attackers to cause a...
High | Unreviewed | CVE-2022-38258 was published Sep 9, 2022

A flaw was found in the Red Hat Advanced Cluster Security for Kubernetes. Notifier secrets were...
High | Unreviewed | CVE-2022-1902 was published Sep 2, 2022

Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The...
High | Unreviewed | CVE-2022-26330 was published Sep 1, 2022

SiteServerCMS 5.X has a Remote-download-Getshell-vulnerability via /SiteServer/Ajax...
High | Unreviewed | CVE-2022-36226 was published Aug 27, 2022

Tabit - Excessive data exposure. Another endpoint mapped by the tiny url, was one for reservation...
High | Unreviewed | CVE-2022-34775 was published Aug 23, 2022

ProTip! Advisories are also available from the GraphQL API.