GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
242 advisories
A flaw was found in the Red Hat Advanced Cluster Security for Kubernetes. Notifier secrets were...
High · Unreviewed · CVE-2022-1902 was published Sep 2, 2022
Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The...
High · Unreviewed · CVE-2022-26330 was published Sep 1, 2022
SiteServerCMS 5.X has a Remote-download-Getshell-vulnerability via /SiteServer/Ajax...
High · Unreviewed · CVE-2022-36226 was published Aug 27, 2022
Tabit - Excessive data exposure. Another endpoint mapped by the tiny url, was one for reservation...
High · Unreviewed · CVE-2022-34775 was published Aug 23, 2022
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-284...
High · Unreviewed · CVE-2022-2792 was published Aug 20, 2022
Ampere Altra before SRP 1.08b and Altra Max before SRP 2.05 allow information disclosure of...
High · Unreviewed · CVE-2021-45454 was published Aug 18, 2022
There is an improper access control vulnerability in Portal for ArcGIS versions 10.8.1 and below...
High · Unreviewed · CVE-2022-38184 was published Aug 17, 2022
VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged...
High · Unreviewed · CVE-2022-31673 was published Aug 11, 2022
An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows attackers to obtain...
High · Unreviewed · CVE-2022-34047 was published Jul 21, 2022
Vulnerability of pointers being incorrectly used during data transmission in the video framework....
High · Unreviewed · CVE-2021-40012 was published Jul 13, 2022
Under special integration scenario of SAP Business One and SAP HANA - version 10.0, an attacker...
High · Unreviewed · CVE-2022-32249 was published Jul 13, 2022
In IOBit Advanced System Care (AscService.exe) 15, an attacker with SEImpersonatePrivilege can...
High · Unreviewed · CVE-2022-24139 was published Jul 7, 2022
A CWE-668 Exposure of Resource to Wrong Sphere vulnerability exists that could cause users to be...
High · Unreviewed · CVE-2022-32530 was published Jun 25, 2022
An issue was discovered in function sync_tree in hetero_decision_tree_guest.py in WeBank FATE...
High · Unreviewed · CVE-2020-25459 was published Jun 17, 2022
CA Automic Automation 12.2 and 12.3 contain an insecure file creation and handling vulnerability...
High · Unreviewed · CVE-2022-33753 was published Jun 17, 2022
CA Automic Automation 12.2 and 12.3 contain an insecure memory handling vulnerability in the...
High · Unreviewed · CVE-2022-33751 was published Jun 17, 2022
A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to...
High · Unreviewed · CVE-2022-31845 was published Jun 15, 2022
A vulnerability in live_mfg.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to...
High · Unreviewed · CVE-2022-31846 was published Jun 15, 2022
A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows...
High · Unreviewed · CVE-2022-31847 was published Jun 15, 2022
A vulnerability in live_mfg.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.191012 allows attackers...
High · Unreviewed · CVE-2022-31308 was published Jun 15, 2022
A vulnerability in live_check.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers...
High · Unreviewed · CVE-2022-31309 was published Jun 15, 2022
ownCloud owncloud/core before 10.10.0 Improperly Removes Sensitive Information Before Storage or...
High · Unreviewed · CVE-2022-31649 was published Jun 10, 2022
Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access...
High · Unreviewed · CVE-2022-30746 was published Jun 8, 2022
Exposure of Sensitive Information vulnerability in Samsung Account prior to version 13.2.00.6...
High · Unreviewed · CVE-2022-30732 was published Jun 8, 2022
All versions of Elastic Cloud Enterprise have the Elasticsearch “anonymous” user enabled by...
High · Unreviewed · CVE-2021-22146 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.