GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
73 advisories
Filter by severity
Twig has unguarded calls to `__isset()` and to array-accesses when the sandbox is enabled
Low
CVE-2024-51755
was published
for
twig/twig
(Composer)
Nov 6, 2024
Twig has unguarded calls to `__toString()` when nesting an object into an array
Low
CVE-2024-51754
was published
for
twig/twig
(Composer)
Nov 6, 2024
IBM PowerSC 1.3, 2.0, and 2.1 may allow a remote attacker to view session identifiers passed via...
Low
Unreviewed
CVE-2023-50328
was published
Feb 2, 2024
A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session...
Low
Unreviewed
CVE-2023-4217
was published
Nov 2, 2023
Authenticated clients can read arbitrary files on the MAIN Computer
system using the remote...
Low
Unreviewed
CVE-2023-2622
was published
Nov 1, 2023
The vulnerability is to theft of arbitrary files with system privilege in the Screen recording (...
Low
Unreviewed
CVE-2023-44124
was published
Sep 27, 2023
Secret displayed without masking by Chef Identity Plugin
Low
CVE-2023-39155
was published
for
org.jenkins-ci.plugins:chef-identity
(Maven)
Jul 26, 2023
Nomad Caller ACL Token’s Secret ID is Exposed to Sentinel
Low
CVE-2023-3299
was published
for
github.com/hashicorp/nomad
(Go)
Jul 20, 2023
The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5,...
Low
Unreviewed
CVE-2023-32394
was published
Jun 23, 2023
Unauthenticated user can have information about hidden users on subwikis through uorgsuggest.vm
Low
CVE-2023-29203
was published
for
org.xwiki.platform:xwiki-platform-web-templates
(Maven)
Apr 12, 2023
Mattermost fails to honor the ShowEmailAddress setting when constructing a response to the ...
Low
Unreviewed
CVE-2023-27265
was published
Feb 27, 2023
RestEasy Reactive implementation of Quarkus allows Creation of Temporary File With Insecure Permissions
Low
CVE-2023-0481
was published
for
io.quarkus.resteasy.reactive:resteasy-reactive-common
(Maven)
Feb 24, 2023
PowerPath Management Appliance with versions 3.3, 3.2*, 3.1 & 3.0* contains sensitive information...
Low
Unreviewed
CVE-2022-34452
was published
Feb 10, 2023
Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local...
Low
Unreviewed
CVE-2023-21447
was published
Feb 9, 2023
Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access...
Low
Unreviewed
CVE-2023-21438
was published
Feb 9, 2023
lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer...
Low
Unreviewed
CVE-2022-47952
was published
Jan 1, 2023
In various functions of ap_input_processor.c, there is a possible way to record audio during a...
Low
Unreviewed
CVE-2022-20562
was published
Dec 21, 2022
In multiple locations of WifiDialogActivity.java, there is a possible limited lockscreen bypass...
Low
Unreviewed
CVE-2022-20529
was published
Dec 20, 2022
In enforceVisualVoicemailPackage of PhoneInterfaceManager.java, there is a possible leak of...
Low
Unreviewed
CVE-2022-20525
was published
Dec 20, 2022
Temporary File Information Disclosure vulnerability in MPXJ
Low
CVE-2022-41954
was published
for
mpxj
(Maven)
Nov 28, 2022
Improper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to SMR Nov-2022...
Low
Unreviewed
CVE-2022-39886
was published
Nov 10, 2022
"IBM Robotic Process Automation for Cloud Pak 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is...
Low
Unreviewed
CVE-2022-42442
was published
Nov 4, 2022
Improper access control vulnerability in QuickShare prior to version 13.2.3.5 allows attackers to...
Low
Unreviewed
CVE-2022-39860
was published
Oct 7, 2022
In BigBlueButton before 2.2.7, lockSettingsProps.disablePrivateChat does not apply to already...
Low
Unreviewed
CVE-2020-27601
was published
Sep 30, 2022
In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An...
Low
Unreviewed
CVE-2022-37703
was published
Sep 14, 2022
ProTip!
Advisories are also available from the
GraphQL API