GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
242 advisories
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control.
High
Unreviewed
CVE-2022-23345
was published
Mar 22, 2022
Piwigo v12.2.0 was discovered to contain an information leak via the action parameter in /admin...
High
Unreviewed
CVE-2022-26267
was published
Mar 20, 2022
An information disclosure issue was addressed with improved state management. This issue is fixed...
High
Unreviewed
CVE-2022-22579
was published
Mar 19, 2022
Improper access control vulnerability in McAfee WebAdvisor Chrome and Edge browser extensions up...
High
Unreviewed
CVE-2022-0815
was published
Mar 12, 2022
There is an unauthorized access vulnerability in system components. Successful exploitation of...
High
Unreviewed
CVE-2021-40051
was published
Mar 11, 2022
Skype Extension for Chrome Information Disclosure Vulnerability.
High
Unreviewed
CVE-2022-24522
was published
Mar 10, 2022
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23...
High
Unreviewed
CVE-2022-24309
was published
Mar 9, 2022
** DISPUTED ** The Visual Voice Mail (VVM) application through 2022-02-24 for Android allows...
High
Unreviewed
CVE-2022-23835
was published
Feb 26, 2022
CobaltStrike <=4.5 HTTP(S) listener does not determine whether the request URL begins with "/",...
High
Unreviewed
CVE-2022-23317
was published
Feb 16, 2022
Splashtop Streamer through 3.4.8.3 creates a Temporary File in a Directory with Insecure...
High
Unreviewed
CVE-2021-42712
was published
Feb 16, 2022
** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by information...
High
Unreviewed
CVE-2021-45421
was published
Feb 15, 2022
A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of...
High
Unreviewed
CVE-2021-22785
was published
Feb 12, 2022
The --mirror documentation for Git through 2.35.1 does not mention the availability of deleted...
High
Unreviewed
CVE-2022-24975
was published
Feb 12, 2022
Thinfinity VirtualUI 2.1.28.0, 2.1.32.1 and 2.5.26.2, fixed in version 3.0 is affected by an...
High
Unreviewed
CVE-2021-46354
was published
Feb 10, 2022
Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability.
High
Unreviewed
CVE-2022-21993
was published
Feb 10, 2022
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct...
High
Unreviewed
CVE-2021-42641
was published
Feb 9, 2022
In DataEase v1.6.1, an authenticated user can gain unauthorized access to all user information...
High
Unreviewed
CVE-2022-23331
was published
Feb 9, 2022
Windows GDI+ Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21915.
High
Unreviewed
CVE-2022-21880
was published
Jan 12, 2022
Windows GDI Information Disclosure Vulnerability.
High
Unreviewed
CVE-2022-21904
was published
Jan 12, 2022
The distributed data service component has a vulnerability in data access control. Successful...
High
Unreviewed
CVE-2021-40005
was published
Jan 11, 2022
Improper access control while doing XPU re-configuration dynamically can lead to unauthorized...
High
Unreviewed
CVE-2021-30276
was published
Jan 4, 2022
There is an Unauthorized file access vulnerability in Smartphones. Successful exploitation of this...
High
Unreviewed
CVE-2021-37133
was published
Jan 4, 2022
There is an Unauthorized file access vulnerability in Smartphones. Successful exploitation of this...
High
Unreviewed
CVE-2021-39969
was published
Jan 4, 2022
MyHuawei-App has an Exposure of Sensitive Information to an Unauthorized Actor vulnerability...
High
Unreviewed
CVE-2021-39972
was published
Jan 4, 2022
An issue was discovered in BS_RCIO64.sys in Biostar RACING GT Evo 2.1.1905.1700. A low-integrity...
High
Unreviewed
CVE-2021-44852
was published
Jan 2, 2022
ProTip! Advisories are also available from the GraphQL API.