GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
493 advisories
Filter by severity
Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially...
Moderate
Unreviewed
CVE-2021-26341
was published
Mar 12, 2022
IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 and IBM Rational Team Concert 6.0.6 and...
Moderate
Unreviewed
CVE-2020-4989
was published
Mar 16, 2022
The /rest-service-fecru/server-v1 resource in Fisheye and Crucible before version 4.8.9 allowed...
Moderate
Unreviewed
CVE-2021-43955
was published
Mar 17, 2022
In __show_regs of process.c, there is a possible leak of kernel memory and addresses due to log...
Moderate
Unreviewed
CVE-2021-39715
was published
Mar 17, 2022
This issue was addressed with improved checks. This issue is fixed in iOS 15.4 and iPadOS 15.4. A...
Moderate
Unreviewed
CVE-2022-22622
was published
Mar 19, 2022
The GSMA authentication panel could be presented on the lock screen. The issue was resolved by...
Moderate
Unreviewed
CVE-2022-22652
was published
Mar 19, 2022
A permissions issue was addressed with improved validation. This issue is fixed in Security...
Moderate
Unreviewed
CVE-2022-22583
was published
Mar 19, 2022
OpenEMR v6.0.0 was discovered to contain an incorrect access control issue.
Moderate
Unreviewed
CVE-2022-25041
was published
Mar 25, 2022
GE UR firmware versions prior to version 8.1x shares MODBUS memory map as part of the...
Moderate
Unreviewed
CVE-2021-27424
was published
Mar 24, 2022
On unix-like systems, the system temporary directory is shared between all users on that system....
Moderate
Unreviewed
CVE-2021-22572
was published
Mar 30, 2022
In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory...
Moderate
Unreviewed
CVE-2021-39648
was published
Dec 16, 2021
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow a low level user to reas of the application...
Moderate
Unreviewed
CVE-2021-29716
was published
Dec 4, 2021
In PermissionController, there is a possible permission bypass due to an unsafe PendingIntent....
Moderate
Unreviewed
CVE-2021-39757
was published
Mar 31, 2022
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated to view or edit a Jupyter...
Moderate
Unreviewed
CVE-2021-29867
was published
Dec 4, 2021
In Telephony, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2021-39777
was published
Mar 31, 2022
In code generated by BuildParcelFields of generate_cpp.cpp, there is a possible way for a crafted...
Moderate
Unreviewed
CVE-2021-0966
was published
Dec 16, 2021
Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who...
Moderate
Unreviewed
CVE-2022-0806
was published
Apr 6, 2022
Policy bypass in COOP in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to bypass...
Moderate
Unreviewed
CVE-2022-0461
was published
Apr 6, 2022
Information exposure vulnerability in Samsung DeX Home prior to SMR April-2022 Release 1 allows...
Moderate
Unreviewed
CVE-2022-27576
was published
Apr 12, 2022
Telephony application has a Exposure of Sensitive Information to an Unauthorized Actor...
Moderate
Unreviewed
CVE-2021-39980
was published
Jan 4, 2022
Information exposure vulnerability in ril property setting prior to SMR April-2022 Release 1...
Moderate
Unreviewed
CVE-2022-27822
was published
Apr 12, 2022
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information...
Moderate
Unreviewed
CVE-2022-22961
was published
Apr 14, 2022
Dell PowerScale OneFS, 8.2,x, 9.1.0.x, 9.2.1.x, and 9.3.0.x contain a denial of service...
Moderate
Unreviewed
CVE-2022-23163
was published
Apr 13, 2022
A website that had permission to access the microphone could record audio without the audio...
Moderate
Unreviewed
CVE-2022-38474
was published
Dec 22, 2022
An issue was discovered in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition exists during the...
Moderate
Unreviewed
CVE-2022-25165
was published
Apr 15, 2022
ProTip!
Advisories are also available from the
GraphQL API