GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
35 advisories
Filter by severity
Insecure Default Initialization of Resource in Pivotal Spring Web Flow
Moderate
CVE-2017-4971
was published
for
org.springframework.webflow:spring-webflow
(Maven)
May 13, 2022
Insecure Default Initialization of Resource in Pivotal Spring Web Flow
Moderate
CVE-2017-8039
was published
for
org.springframework.webflow:spring-webflow
(Maven)
May 13, 2022
Insecure default variable initialization in BIOS firmware for some Intel(R) NUC Boards and Intel...
Moderate
Unreviewed
CVE-2022-36349
was published
Nov 11, 2022
In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default...
Moderate
Unreviewed
CVE-2022-46831
was published
Dec 8, 2022
Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0...
Moderate
Unreviewed
CVE-2022-32480
was published
Aug 23, 2022
Insecure default variable initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows...
Moderate
Unreviewed
CVE-2020-12327
was published
May 24, 2022
Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions...
Moderate
Unreviewed
CVE-2020-8705
was published
May 24, 2022
Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged...
Moderate
Unreviewed
CVE-2021-0144
was published
May 24, 2022
Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged...
Moderate
Unreviewed
CVE-2021-0114
was published
May 24, 2022
In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to...
Moderate
Unreviewed
CVE-2022-20466
was published
Dec 13, 2022
Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distributed by some ISPs with a...
Moderate
Unreviewed
CVE-2018-10989
was published
May 13, 2022
In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 a default master encryption key is used...
Moderate
Unreviewed
CVE-2018-3825
was published
May 13, 2022
wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting...
Moderate
Unreviewed
CVE-2017-5491
was published
May 13, 2022
makepasswd 1.10 default settings generate insecure passwords
Moderate
Unreviewed
CVE-2010-2247
was published
Apr 21, 2022
Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows...
Moderate
Unreviewed
CVE-2021-35535
was published
Nov 19, 2021
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation...
Moderate
Unreviewed
CVE-2022-47196
was published
Jan 19, 2023
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation...
Moderate
Unreviewed
CVE-2022-47194
was published
Jan 19, 2023
User data exposure in Apache InLong
Moderate
CVE-2023-31101
was published
for
org.apache.inlong:manager-dao
(Maven)
May 22, 2023
Insecure Default Initialization In Liferay Portal
Moderate
CVE-2023-33949
was published
for
com.liferay.portal:release.portal.bom
(Maven)
May 24, 2023
On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances...
Moderate
Unreviewed
CVE-2023-5368
was published
Oct 4, 2023
Default swagger-ui configuration exposes all files in the module
Moderate
CVE-2024-22207
was published
for
@fastify/swagger-ui
(npm)
Jan 16, 2024
In Liferay Portal 7.2.0 through 7.4.3.25, and older unsupported versions, and Liferay DXP 7.4...
Moderate
Unreviewed
CVE-2024-26267
was published
Feb 20, 2024
The Last.fm desktop app (Last.fm Scrobbler) through 2.1.39 on macOS makes HTTP requests that...
Moderate
Unreviewed
CVE-2019-19251
was published
May 24, 2022
An Insecure Default Initialization of Resource vulnerability in Juniper Networks Junos OS Evolved...
Moderate
Unreviewed
CVE-2023-28978
was published
Apr 18, 2023
An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. By sending a set_params...
Moderate
Unreviewed
CVE-2020-11915
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API