GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,733
Composer 4,238
Erlang 31
GitHub Actions 21
Go 2,005
Maven 5,193
npm 3,716
NuGet 661
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,706

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

109 advisories

Filter by severity

Sort by

Least recently updated

In miniadb, there is a possible way to get read/write access to recovery system properties due to... High Unreviewed

CVE-2021-39767 was published Mar 31, 2022

A vulnerability has been identified in SIMATIC PCS 7 V9.0 and earlier (All versions), SIMATIC PCS... High Unreviewed

CVE-2022-24287 was published May 21, 2022

In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection... Critical Unreviewed

CVE-2022-31806 was published Jun 25, 2022

Insecure default variable initialization in BIOS firmware for some Intel(R) NUC Boards and Intel... Moderate Unreviewed

CVE-2022-36349 was published Nov 11, 2022

A vulnerability in SonicWall Global Management System (GMS), allow a remote user to gain access... High Unreviewed

CVE-2019-7476 was published May 24, 2022

A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric... Critical Unreviewed

CVE-2019-1804 was published May 24, 2022

A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve... High Unreviewed

CVE-2022-3262 was published Dec 8, 2022

In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default... Moderate Unreviewed

CVE-2022-46831 was published Dec 8, 2022

In WiFi, there is a possible disclosure of WiFi password to the end user due to an insecure... Low Unreviewed

CVE-2022-20342 was published Aug 13, 2022

In processPhonebookAccess of CachedBluetoothDevice.java, there is a possible permission bypass... Low Unreviewed

CVE-2019-2197 was published May 24, 2022

Lansweeper 6.0.x through 7.2.x has a default installation in which the admin password is... High Unreviewed

CVE-2020-14011 was published May 24, 2022

Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0... Moderate Unreviewed

CVE-2022-32480 was published Aug 23, 2022

Insecure default variable initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows... Moderate Unreviewed

CVE-2020-12327 was published May 24, 2022

Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions... Moderate Unreviewed

CVE-2020-8705 was published May 24, 2022

In permission declarations of DeviceAdminReceiver.java, there is a possible lack of broadcast... High Unreviewed

CVE-2021-0534 was published May 24, 2022

Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged... Moderate Unreviewed

CVE-2021-0144 was published May 24, 2022

Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged... Moderate Unreviewed

CVE-2021-0114 was published May 24, 2022

nLight ECLYPSE (nECY) system Controllers running software prior to 1.17.21245.754 contain a... High Unreviewed

CVE-2021-40825 was published May 24, 2022

The Orca HCM digital learning platform uses a weak factory default administrator password, which... Critical Unreviewed

CVE-2021-35965 was published May 24, 2022

Dell EMC Integrated System for Microsoft Azure Stack Hub, versions 1906 – 2011, contain an... Critical Unreviewed

CVE-2021-21505 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive... Critical Unreviewed

CVE-2021-34795 was published May 24, 2022

In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default... Critical Unreviewed

CVE-2022-24706 was published Apr 27, 2022

A flaw was found in servicemesh-operator. The NetworkPolicy resources installed for Maistra do... Critical Unreviewed

CVE-2021-3586 was published Aug 23, 2022

In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to... Moderate Unreviewed

CVE-2022-20466 was published Dec 13, 2022

Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distributed by some ISPs with a... Moderate Unreviewed

CVE-2018-10989 was published May 13, 2022

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

109 advisories