Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,499
Maven
5,000+
npm
4,143
NuGet
735
pip
3,947
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

11 advisories

Loading
Contrast vulnerability allows arbitrary host data Injection into container VOLUME mount points Low
GHSA-phhq-63jg-fp7r was published for github.com/edgelesssys/contrast (Go) Jul 9, 2025
burgerdev katexochen
thomasten
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a... Low Unreviewed
CVE-2024-48838 was published Nov 12, 2024
A vulnerability was found in Xinhu RockOA 2.3.2. It has been classified as problematic. This... Low Unreviewed
CVE-2023-5297 was published Sep 30, 2023
A vulnerability was found in Dreamer CMS up to 4.1.3. It has been classified as problematic.... Low Unreviewed
CVE-2023-4743 was published Sep 4, 2023
An access issue was addressed with improved access restrictions. This issue is fixed in macOS... Low Unreviewed
CVE-2022-42834 was published Jun 23, 2023
In Lima, a malicious disk image could read a single file on the host filesystem as a qcow2/vmdk backing file Low
CVE-2023-32684 was published for github.com/lima-vm/lima (Go) May 31, 2023
Exposure of Sensitive Information in GsmAlarmManager prior to SMR Jul-2022 Release 1 allows local... Low Unreviewed
CVE-2022-33686 was published Jul 13, 2022
A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an... Low Unreviewed
CVE-2018-0106 was published May 13, 2022
Implicit Intent hijacking vulnerability in ActivityMetricsLogger prior to SMR Jan-2022 Release 1... Low Unreviewed
CVE-2022-22267 was published Jan 11, 2022
Keeping sensitive data in unprotected BluetoothSettingsProvider prior to SMR Jan-2022 Release 1... Low Unreviewed
CVE-2022-22269 was published Jan 11, 2022
Insecure caller check in sharevia deeplink logic prior to Samsung Internet 16.0.2 allows... Low Unreviewed
CVE-2021-25521 was published Dec 9, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database