GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 44
GitHub Actions: 45
Go: 3,248
Maven: 5,000+
npm: 5,000+
NuGet: 867
pip: 4,513
Pub: 12
RubyGems: 997
Rust: 1,189
Swift: 51

Unreviewed advisories
All unreviewed: 5,000+
10,302 advisories
Adobe Experience Manager 6.1 and earlier has a sensitive data exposure vulnerability.
High | Unreviewed | CVE-2017-3110 was published May 17, 2022

An information disclosure vulnerability exists in the Zebra IP Routing Manager functionality of D...
High | Unreviewed | CVE-2021-21817 was published May 24, 2022

A vulnerability, which was classified as problematic, has been found in Axios Italia Axios RE 1.7...
High | Unreviewed | CVE-2019-25069 was published Jun 10, 2022

SAP Analysis for Microsoft Office - version 2.8, allows an attacker with high privileges to read...
Moderate | Unreviewed | CVE-2021-38175 was published May 24, 2022

Gradle Enterprise before 2021.1.3 can allow unauthorized viewing of a response (information...
High | Unreviewed | CVE-2021-41584 was published May 24, 2022

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated...
Moderate | Unreviewed | CVE-2021-29700 was published May 24, 2022

In all versions of GitLab CE/EE since version 13.6, it is possible to see pending invitations of...
Moderate | Unreviewed | CVE-2021-39875 was published May 24, 2022

A local attacker may be able to view Now Playing information from the lock screen. This issue is...
Moderate | Unreviewed | CVE-2021-30756 was published May 24, 2022

The Keybase Client for Android before version 5.8.0 and the Keybase Client for iOS before version...
Moderate | Unreviewed | CVE-2021-34421 was published May 24, 2022

NCH Reflect CRM 3.01 allows local users to discover cleartext user account information by reading...
Low | Unreviewed | CVE-2021-37468 was published May 24, 2022

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E...
Moderate | Unreviewed | CVE-2021-2401 was published May 24, 2022

UCMS 1.5.0 was discovered to contain a physical path leakage via an error message returned by the...
Moderate | Unreviewed | CVE-2021-25809 was published May 24, 2022

An information disclosure vulnerability in GitLab EE versions 13.10 and later allowed a user to...
Moderate | Unreviewed | CVE-2021-22233 was published May 24, 2022

Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability.
High | Unreviewed | CVE-2017-3107 was published May 17, 2022

In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey,...
High | Unreviewed | CVE-2021-42889 was published Jun 4, 2022

Citrix Presentation Server Client for Windows before 10.200 does not clear "credential...
Low | Unreviewed | CVE-2008-6561 was published May 17, 2022

When binding against a DN during authentication, the reply from 389-ds-base will be different...
Moderate | Unreviewed | CVE-2020-35518 was published May 24, 2022

The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent...
Moderate | Unreviewed | CVE-2010-1914 was published May 17, 2022

The preg_quote function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent...
Moderate | Unreviewed | CVE-2010-1915 was published May 17, 2022

Exposure of Sensitive Information to an Unauthorized Actor in semantic-release
Moderate | CVE-2022-31051 was published for semantic-release (npm) Jun 9, 2022

phpAuction 3.2, and possibly 3.3.0 GPL Basic edition, allows remote attackers to obtain...
Moderate | Unreviewed | CVE-2008-6999 was published May 17, 2022

Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests. These...
Moderate | Unreviewed | CVE-2022-24414 was published May 27, 2022

IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive...
Moderate | Unreviewed | CVE-2021-38887 was published May 24, 2022

IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow an authenticated user to...
Moderate | Unreviewed | CVE-2021-38975 was published May 24, 2022

PublicCMS V4.0.202204.a and below contains an information leak via the component /views/directive...
Moderate | Unreviewed | CVE-2022-29784 was published Jun 4, 2022

ProTip! Advisories are also available from the GraphQL API.