Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

291 advisories

Loading
Cronos vulnerable to DoS through unintended Contract Selfdestruct High
GHSA-gwj5-wp6r-5q9f was published for github.com/crypto-org-chain/cronos (Go) Aug 11, 2022
yihuang tomtau
tdunlap607
VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged... High Unreviewed
CVE-2022-31673 was published Aug 11, 2022
Hardcoded JWT Token in Lin CMS Spring Boot High
CVE-2022-32430 was published for io.github.talelin:lin-cms-core (Maven) Jul 22, 2022
An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows attackers to obtain... High Unreviewed
CVE-2022-34047 was published Jul 21, 2022
Undertow vulnerable to Denial of Service (DoS) attacks High
CVE-2021-3859 was published for io.undertow:undertow-core (Maven) Jul 15, 2022
Vulnerability of pointers being incorrectly used during data transmission in the video framework.... High Unreviewed
CVE-2021-40012 was published Jul 13, 2022
Under special integration scenario of SAP Business one and SAP HANA - version 10.0, an attacker... High Unreviewed
CVE-2022-32249 was published Jul 13, 2022
Temporary Directory Hijacking to Local Privilege Escalation Vulnerability in org.springframework.boot:spring-boot High
CVE-2022-27772 was published for org.springframework.boot:spring-boot (Maven) Jul 11, 2022
trgpa JLLeitschuh
In IOBit Advanced System Care (AscService.exe) 15, an attacker with SEImpersonatePrivilege can... High Unreviewed
CVE-2022-24139 was published Jul 7, 2022
A CWE-668 Exposure of Resource to Wrong Sphere vulnerability exists that could cause users to be... High Unreviewed
CVE-2022-32530 was published Jun 25, 2022
An issue was discovered in function sync_tree in hetero_decision_tree_guest.py in WeBank FATE ... High Unreviewed
CVE-2020-25459 was published Jun 17, 2022
CA Automic Automation 12.2 and 12.3 contain an insecure memory handling vulnerability in the... High Unreviewed
CVE-2022-33751 was published Jun 17, 2022
CA Automic Automation 12.2 and 12.3 contain an insecure file creation and handling vulnerability... High Unreviewed
CVE-2022-33753 was published Jun 17, 2022
A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to... High Unreviewed
CVE-2022-31845 was published Jun 15, 2022
A vulnerability in live_mfg.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to... High Unreviewed
CVE-2022-31846 was published Jun 15, 2022
A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows... High Unreviewed
CVE-2022-31847 was published Jun 15, 2022
A vulnerability in live_mfg.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.191012 allows attackers... High Unreviewed
CVE-2022-31308 was published Jun 15, 2022
A vulnerability in live_check.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers... High Unreviewed
CVE-2022-31309 was published Jun 15, 2022
ownCloud owncloud/core before 10.10.0 Improperly Removes Sensitive Information Before Storage or... High Unreviewed
CVE-2022-31649 was published Jun 10, 2022
Exposure of Sensitive Information vulnerability in Samsung Account prior to version 13.2.00.6... High Unreviewed
CVE-2022-30732 was published Jun 8, 2022
Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access... High Unreviewed
CVE-2022-30746 was published Jun 8, 2022
All versions of Elastic Cloud Enterprise has the Elasticsearch “anonymous” user enabled by... High Unreviewed
CVE-2021-22146 was published May 24, 2022
A cache configuration issue prior to WhatsApp for Android v2.21.4.18 and WhatsApp Business for... High Unreviewed
CVE-2021-24027 was published May 24, 2022
A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1... High Unreviewed
CVE-2021-22957 was published May 24, 2022
An exploitable local privilege elevation vulnerability exists in the file system permissions of... High Unreviewed
CVE-2018-4048 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database