GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
12,422 advisories
In ArrayMap, there is a possible leak of the content of SMS messages due to log information...
Low | Unreviewed | CVE-2021-39739 was published Mar 31, 2022

Cross-Site Request Forgery in YOURLS
Low | CVE-2022-0088 was published for yourls/yourls (Composer) Apr 4, 2022

A business logic error in Project Import in GitLab CE/EE versions 14.9 prior to 14.9.2, 14.8...
Low | Unreviewed | CVE-2022-1111 was published Apr 5, 2022

A vulnerability classified as problematic has been found in Linux Kernel. Affected is the...
Low | Unreviewed | CVE-2022-3633 was published Oct 21, 2022

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business...
Low | Unreviewed | CVE-2015-4865 was published May 17, 2022

Unspecified vulnerability in the Hyperion Installation Technology component in Oracle Hyperion 11...
Low | Unreviewed | CVE-2015-4823 was published May 17, 2022

A flaw was found in the Linux kernel's implementation of audit rules, where a syscall can...
Low | Unreviewed | CVE-2020-35501 was published Mar 31, 2022

Improper access control vulnerability in SamsungContacts prior to SMR Apr-2022 Release 1 allows...
Low | Unreviewed | CVE-2022-26090 was published Apr 12, 2022

Missing sanitization of logged exception messages in all versions prior to 14.7.7, 14.8 prior to...
Low | Unreviewed | CVE-2022-1157 was published Apr 12, 2022

Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability...
Low | Unreviewed | CVE-2022-24413 was published Apr 13, 2022

Improper authentication in ImsService prior to SMR Apr-2022 Release 1 allows attackers to get...
Low | Unreviewed | CVE-2022-25833 was published Apr 12, 2022

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality...
Low | Unreviewed | CVE-2015-4834 was published May 17, 2022

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite...
Low | Unreviewed | CVE-2015-4824 was published May 17, 2022

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect availability...
Low | Unreviewed | CVE-2015-4822 was published May 17, 2022

A vulnerability was found in Linux Kernel. It has been declared as problematic. This...
Low | Unreviewed | CVE-2022-3629 was published Oct 21, 2022

Hard-coded credentials in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the...
Low | Unreviewed | CVE-2020-25168 was published Apr 15, 2022

Improper boundary check in media.extractor library prior to SMR Apr-2022 Release 1 allows...
Low | Unreviewed | CVE-2022-27832 was published Apr 12, 2022

Exposure of Resource to Wrong Sphere in Simple-Wayland-HotKey-Daemon
Low | CVE-2022-27814 was published for Simple-Wayland-HotKey-Daemon (Rust) Apr 15, 2022

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite...
Low | Unreviewed | CVE-2015-4892 was published May 17, 2022

The Aardvertiser component before 2.2.1 for Joomla! uses insecure permissions (777) in...
Low | Unreviewed | CVE-2010-3028 was published May 17, 2022

The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with...
Low | Unreviewed | CVE-2015-4037 was published May 17, 2022

Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated...
Low | Unreviewed | CVE-2015-4890 was published May 17, 2022

Lockbox in EMC Documentum D2 before 4.5 uses a hardcoded passphrase when a server lacks a D2...
Low | Unreviewed | CVE-2015-4537 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Performance logging module in the Devel module 5...
Low | Unreviewed | CVE-2010-3022 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in modules/headlines/magpierss/scripts/magpie_debug.php...
Low | Unreviewed | CVE-2010-2852 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.