GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,483
Composer 4,168
Erlang 30
GitHub Actions 19
Go 1,978
Maven 5,153
npm 3,698
NuGet 656
pip 3,315
Pub 11
RubyGems 882
Rust 832
Swift 35

Unreviewed advisories

All unreviewed 232,760

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

9,879 advisories

Filter by severity

Sort by

Least recently updated

Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory... Low Unreviewed

CVE-2023-20528 was published Jan 11, 2023

yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by... Low Unreviewed

CVE-2020-12872 was published May 24, 2022

In createAdminSupportIntent of DevicePolicyManagerService.java, there is a possible way to... Low Unreviewed

CVE-2021-0983 was published Dec 16, 2021

Unprotected Activity in AppLock prior to SMR Mar-2022 Release 1 allows attacker to change the... Low Unreviewed

CVE-2022-24929 was published Mar 11, 2022

IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse... Low Unreviewed

CVE-2022-22348 was published Mar 15, 2022

** DISPUTED ** An issue was discovered in OpenSSH before 8.9. If a client is using public-key... Low Unreviewed

CVE-2021-36368 was published Mar 14, 2022

Adobe Character Animator version 4.4 (and earlier versions) are affected by an out-of-bounds read... Low Unreviewed

CVE-2021-40769 was published Mar 17, 2022

Adobe Character Animator version 4.4 (and earlier versions) are affected by an out-of-bounds read... Low Unreviewed

CVE-2021-40766 was published Mar 17, 2022

Cross-site scripting (XSS) vulnerability in the Messaging module 6.x-2.x before 6.x-2.4 and 6.x-4... Low Unreviewed

CVE-2011-1066 was published May 17, 2022

The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2... Low Unreviewed

CVE-2011-0904 was published May 17, 2022

lnsfw1.sys 6.0.2900.5512 in Look 'n' Stop Firewall 2.06p4 and 2.07 allows local users to cause a... Low Unreviewed

CVE-2011-0652 was published May 17, 2022

The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java... Low Unreviewed

CVE-2011-0311 was published May 17, 2022

HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) 4.91.00 does not properly... Low Unreviewed

CVE-2011-0279 was published May 17, 2022

Oracle Solaris 8, 9, and 10 stores back-out patch files (undo.Z) unencrypted with world-readable... Low Unreviewed

CVE-2011-0412 was published May 17, 2022

WebKit in Apple Safari before 5.0.4, when the Web Inspector is used, does not properly handle the... Low Unreviewed

CVE-2011-0169 was published May 17, 2022

Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality and... Low Unreviewed

CVE-2010-4460 was published May 17, 2022

MyBB (aka MyBulletinBoard) before 1.4.12 allows remote authenticated users to bypass intended... Low Unreviewed

CVE-2010-4624 was published May 17, 2022

Linux kernel 2.6.33 and 2.6.34.y does not initialize the kvm_vcpu_events->interrupt.pad structure... Low Unreviewed

CVE-2010-4525 was published May 17, 2022

An authentication issue was addressed with improved state management. This issue is fixed in... Low Unreviewed

CVE-2022-22656 was published Mar 19, 2022

An issue with app access to camera metadata was addressed with improved logic. This issue is... Low Unreviewed

CVE-2022-22598 was published Mar 19, 2022

An insecure permissions vulnerability in Snapt Aria v12.8 allows unauthenticated attackers to... Low Unreviewed

CVE-2022-24236 was published Mar 22, 2022

Description: A permissions issue was addressed with improved validation. This issue is fixed in... Low Unreviewed

CVE-2022-22599 was published Mar 19, 2022

Philips Gemini PET/CT family software stores sensitive information in a removable media device... Low Unreviewed

CVE-2021-27456 was published Mar 24, 2022

A vulnerability classified as problematic has been found in Mirmay Secure Private Browser and... Low Unreviewed

CVE-2018-25030 was published Mar 29, 2022

Cross-site scripting (XSS) vulnerability in DaDaBIK before 4.3 beta2, when the insert or edit... Low Unreviewed

CVE-2010-4355 was published May 17, 2022

Previous 1 2 3 4 5 … 395 396 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

9,879 advisories