Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

291 advisories

Loading
Agent-to-controller security bypass in Jenkins Debian Package Builder Plugin High
CVE-2022-23118 was published for ru.yandex.jenkins.plugins.debuilder:debian-package-builder (Maven) Jan 13, 2022
westonsteimel
Windows GDI+ Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21915. High Unreviewed
CVE-2022-21880 was published Jan 12, 2022
Windows GDI Information Disclosure Vulnerability. High Unreviewed
CVE-2022-21904 was published Jan 12, 2022
The distributed data service component has a vulnerability in data access control. Successful... High Unreviewed
CVE-2021-40005 was published Jan 11, 2022
Abomonation transmutes &T to and from &[u8] without sufficient constraints High
CVE-2021-45708 was published for abomonation (Rust) Jan 6, 2022
Improper access control while doing XPU re-configuration dynamically can lead to unauthorized... High Unreviewed
CVE-2021-30276 was published Jan 4, 2022
There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this... High Unreviewed
CVE-2021-37133 was published Jan 4, 2022
There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this... High Unreviewed
CVE-2021-39969 was published Jan 4, 2022
MyHuawei-App has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability... High Unreviewed
CVE-2021-39972 was published Jan 4, 2022
An issue was discovered in BS_RCIO64.sys in Biostar RACING GT Evo 2.1.1905.1700. A low-integrity... High Unreviewed
CVE-2021-44852 was published Jan 2, 2022
Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file... High Unreviewed
CVE-2021-44717 was published Jan 2, 2022
Emuse - eServices / eNvoice Exposure Of Private Personal Information due to lack of... High Unreviewed
CVE-2021-36723 was published Dec 30, 2021
An arbitrary file download vulnerability in jeecg v3.8 allows attackers to access sensitive files... High Unreviewed
CVE-2020-20948 was published Dec 28, 2021
An Improper Access Control Vulnerability in the SMA100 series leads to multiple restricted... High Unreviewed
CVE-2021-20050 was published Dec 24, 2021
Insecure permissions on user namespace / fakeroot temporary rootfs in Singularity High
CVE-2020-25039 was published for github.com/sylabs/singularity (Go) Dec 20, 2021
xman
An issue was discovered in HTCondor before 8.8.15, 9.0.x before 9.0.4, and 9.1.x before 9.1.2.... High Unreviewed
CVE-2021-45101 was published Dec 17, 2021
Microsoft Message Queuing Information Disclosure Vulnerability This CVE ID is unique from CVE... High Unreviewed
CVE-2021-43222 was published Dec 16, 2021
Microsoft Defender for IoT Information Disclosure Vulnerability High Unreviewed
CVE-2021-43888 was published Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-195580473References: N/A High Unreviewed
CVE-2021-1045 was published Dec 16, 2021
Product: AndroidVersions: Android kernelAndroid ID: A-201537251References: N/A High Unreviewed
CVE-2021-39646 was published Dec 16, 2021
A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated... High Unreviewed
CVE-2021-44522 was published Dec 15, 2021
An issue was discovered in Listary through 6. An attacker can create a \\.\pipe\Listary... High Unreviewed
CVE-2021-41065 was published Dec 15, 2021
IBM Db2 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an Information Disclosure when using... High Unreviewed
CVE-2021-20373 was published Dec 10, 2021
A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in TP-Link AX10v1 before... High Unreviewed
CVE-2021-40288 was published Dec 8, 2021
Successful exploitation of this vulnerability could allow an unauthorized user to access... High Unreviewed
CVE-2021-36198 was published Dec 7, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database