GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,553

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

8,920 advisories

Filter by severity

Sort by

Least recently updated

An information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W... Moderate Unreviewed

CVE-2022-21199 was published Jan 29, 2022

Linux kernel 2.6.33 and 2.6.34.y does not initialize the kvm_vcpu_events->interrupt.pad structure... Low Unreviewed

CVE-2010-4525 was published May 17, 2022

Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9... Moderate Unreviewed

CVE-2022-23235 was published Aug 26, 2022

Insertion of Sensitive Information into Externally-Accessible File or Directory and Exposure of Sensitive Information to an Unauthorized Actor in hbs Moderate

CVE-2021-32822 was published for hbs (npm) Sep 2, 2021

Sylius PayPal Plugin allows unauthorized access to Credit card form, exposing payer name and not requiring 3DS High

CVE-2021-41120 was published for sylius/paypal-plugin (Composer) Oct 6, 2021

Exposure of Sensitive Information to an Unauthorized Actor Moderate

CVE-2021-32712 was published for shopware/shopware (Composer) Sep 8, 2021

Accounted time is shown in the Ticket Detail View (External Interface), even if ExternalFrontend:... Moderate Unreviewed

CVE-2022-1004 was published Mar 22, 2022

This issue was addressed with improved checks. This issue is fixed in tvOS 15.4, iOS 15.4 and... Moderate Unreviewed

CVE-2022-22621 was published Mar 19, 2022

IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 and IBM Business Process Manager 8.5... Moderate Unreviewed

CVE-2021-39046 was published Mar 19, 2022

MotionEye v0.42.1 and below allows attackers to access sensitive information via a GET request to... High Unreviewed

CVE-2022-25568 was published Mar 25, 2022

Bluedon Information Security Technologies Co.,Ltd Internet Access Detector v1.0 was discovered to... High Unreviewed

CVE-2022-25571 was published Mar 25, 2022

The Reporting module in Aseco Lietuva document management system DVS Avilys before 2022-03-10... High Unreviewed

CVE-2022-27192 was published Mar 25, 2022

Unspecified vulnerability in the mod_mono module for XSP in Mono 2.8.x before 2.8.2 allows remote... Moderate Unreviewed

CVE-2010-4225 was published May 17, 2022

admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to obtain sensitive... Moderate Unreviewed

CVE-2010-4349 was published May 17, 2022

Photos in Apple iOS before 4.2 enables support for HTTP Basic Authentication over an unencrypted... Moderate Unreviewed

CVE-2010-3831 was published May 17, 2022

SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to trigger TCP connections to... Moderate Unreviewed

CVE-2010-3982 was published May 17, 2022

The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, 3.6.2, 3.7.3, and 4.1... Moderate Unreviewed

CVE-2010-3764 was published May 17, 2022

HP Asset Manager 9.40 and 9.41 before 9.41.11103 P4-rev1 and 9.50 before 9.50.11925 P3 allows... Low Unreviewed

CVE-2015-5448 was published May 17, 2022

ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an... Moderate Unreviewed

CVE-2015-5781 was published May 17, 2022

The Citibank Citi Mobile app before 2.0.3 for iOS stores account data in a file, which allows... Low Unreviewed

CVE-2010-2913 was published May 17, 2022

The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A... High Unreviewed

CVE-2021-21980 was published Nov 25, 2021

The Sandbox_profiles component in Apple iOS before 8.4.1 allows attackers to bypass the third... Moderate Unreviewed

CVE-2015-5749 was published May 17, 2022

An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to... Moderate Unreviewed

CVE-2022-0331 was published Mar 30, 2022

Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A... Moderate Unreviewed

CVE-2022-23158 was published Apr 2, 2022

Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A... Moderate Unreviewed

CVE-2022-23157 was published Apr 2, 2022

Previous 1 2 3 4 5 6 … 356 357 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

8,920 advisories