Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

567 advisories

Loading
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12... Moderate Unreviewed
CVE-2022-32883 was published Sep 21, 2022
Versions of IBM Spectrum Protect Plus prior to 10.1.12 (excluding 10.1.12) include the private... Moderate Unreviewed
CVE-2022-40234 was published Sep 20, 2022
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive... Moderate Unreviewed
CVE-2022-40768 was published Sep 19, 2022
Avdor CIS - crystal quality Credentials Management Errors. The product is phone call recorder,... Moderate Unreviewed
CVE-2022-36780 was published Sep 14, 2022
Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE... Moderate Unreviewed
CVE-2022-38006 was published Sep 14, 2022
Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE... Moderate Unreviewed
CVE-2022-35837 was published Sep 14, 2022
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an... Moderate Unreviewed
CVE-2022-22483 was published Sep 14, 2022
The mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote... Moderate Unreviewed
CVE-2022-38770 was published Sep 14, 2022
Improper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to... Moderate Unreviewed
CVE-2022-36875 was published Sep 10, 2022
The PlexTrac platform prior to version 1.28.0 allows for username enumeration via HTTP response... Moderate Unreviewed
CVE-2022-37146 was published Sep 9, 2022
Mailform Pro CGI 4.3.1 and earlier allow a remote unauthenticated attacker to obtain the user... Moderate Unreviewed
CVE-2022-38400 was published Sep 9, 2022
A vulnerability in the web-based management interface of AOS-CX could allow a remote... Moderate Unreviewed
CVE-2022-23690 was published Sep 7, 2022
Unauthenticated Sensitive Information Disclosure vulnerability Moderate
CVE-2022-34867 was published for libreform/libreform (Composer) Sep 7, 2022
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a local attacker to obtain... Moderate Unreviewed
CVE-2021-39045 was published Sep 2, 2022
A credentials leak was found in the OpenShift Container Platform. The private key for the... Moderate Unreviewed
CVE-2022-2403 was published Sep 2, 2022
There is a flaw in convert2rhel. convert2rhel passes the Red Hat account password to subscription... Moderate Unreviewed
CVE-2022-0852 was published Aug 29, 2022
Authenticated (admin+) Arbitrary File Read vulnerability in XplodedThemes WPide plugin <= 2.6 at... Moderate Unreviewed
CVE-2022-35235 was published Aug 24, 2022
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0... Moderate Unreviewed
CVE-2022-31238 was published Aug 23, 2022
Browse restriction bypass vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.5 allows a... Moderate Unreviewed
CVE-2022-25986 was published Aug 19, 2022
In Content, there is a possible way to learn gmail account name on the device due to a... Moderate Unreviewed
CVE-2022-20270 was published Aug 13, 2022
Insufficient policy enforcement in Background Fetch in Google Chrome prior to 104.0.5112.79... Moderate Unreviewed
CVE-2022-2610 was published Aug 13, 2022
In USB Manager, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2021-0975 was published Aug 12, 2022
In Settings, there is a possible way to determine whether an app is installed without query... Moderate Unreviewed
CVE-2021-0734 was published Aug 12, 2022
PendingIntent hijacking vulnerability in releaseAlarm in Charm by Samsung prior to version 1.2.3... Moderate Unreviewed
CVE-2022-36829 was published Aug 6, 2022
PendingIntent hijacking vulnerability in cancelAlarmManager in Charm by Samsung prior to version... Moderate Unreviewed
CVE-2022-36830 was published Aug 6, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database