GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,004
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
132 advisories
Filter by severity
Electron webPreferences vulnerability can be used to perform remote code execution
High
CVE-2018-15685
was published
for
electron
(npm)
Aug 23, 2018
In miniadb, there is a possible way to get read/write access to recovery system properties due to...
High
Unreviewed
CVE-2021-39767
was published
Mar 31, 2022
Insecure Default Initialization of Resource in Pivotal Spring Web Flow
Moderate
CVE-2017-4971
was published
for
org.springframework.webflow:spring-webflow
(Maven)
May 13, 2022
A vulnerability has been identified in SIMATIC PCS 7 V9.0 and earlier (All versions), SIMATIC PCS...
High
Unreviewed
CVE-2022-24287
was published
May 21, 2022
Insecure Default Initialization of Resource in Pivotal Spring Web Flow
Moderate
CVE-2017-8039
was published
for
org.springframework.webflow:spring-webflow
(Maven)
May 13, 2022
WildFly vulnerable to Insecure Default Initialization of Resource
High
CVE-2022-1278
was published
for
org.wildfly.bom:wildfly
(Maven)
Sep 14, 2022
In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection...
Critical
Unreviewed
CVE-2022-31806
was published
Jun 25, 2022
Insecure default variable initialization in BIOS firmware for some Intel(R) NUC Boards and Intel...
Moderate
Unreviewed
CVE-2022-36349
was published
Nov 11, 2022
A vulnerability in SonicWall Global Management System (GMS), allow a remote user to gain access...
High
Unreviewed
CVE-2019-7476
was published
May 24, 2022
A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric...
Critical
Unreviewed
CVE-2019-1804
was published
May 24, 2022
A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve...
High
Unreviewed
CVE-2022-3262
was published
Dec 8, 2022
In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default...
Moderate
Unreviewed
CVE-2022-46831
was published
Dec 8, 2022
In WiFi, there is a possible disclosure of WiFi password to the end user due to an insecure...
Low
Unreviewed
CVE-2022-20342
was published
Aug 13, 2022
In processPhonebookAccess of CachedBluetoothDevice.java, there is a possible permission bypass...
Low
Unreviewed
CVE-2019-2197
was published
May 24, 2022
Lansweeper 6.0.x through 7.2.x has a default installation in which the admin password is...
High
Unreviewed
CVE-2020-14011
was published
May 24, 2022
Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0...
Moderate
Unreviewed
CVE-2022-32480
was published
Aug 23, 2022
Insecure default variable initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows...
Moderate
Unreviewed
CVE-2020-12327
was published
May 24, 2022
Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions...
Moderate
Unreviewed
CVE-2020-8705
was published
May 24, 2022
In permission declarations of DeviceAdminReceiver.java, there is a possible lack of broadcast...
High
Unreviewed
CVE-2021-0534
was published
May 24, 2022
Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged...
Moderate
Unreviewed
CVE-2021-0144
was published
May 24, 2022
Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged...
Moderate
Unreviewed
CVE-2021-0114
was published
May 24, 2022
nLight ECLYPSE (nECY) system Controllers running software prior to 1.17.21245.754 contain a...
High
Unreviewed
CVE-2021-40825
was published
May 24, 2022
The Orca HCM digital learning platform uses a weak factory default administrator password, which...
Critical
Unreviewed
CVE-2021-35965
was published
May 24, 2022
Dell EMC Integrated System for Microsoft Azure Stack Hub, versions 1906 – 2011, contain an...
Critical
Unreviewed
CVE-2021-21505
was published
May 24, 2022
Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive...
Critical
Unreviewed
CVE-2021-34795
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API