Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

6,094 advisories

Loading
Exposure of Sensitive Information to an Unauthorized Actor in Apache Hadoop Moderate
CVE-2016-5001 was published for org.apache.hadoop:hadoop-common (Maven) May 13, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins Moderate
CVE-2018-1000169 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch Moderate
CVE-2018-17244 was published for org.elasticsearch:elasticsearch (Maven) May 13, 2022
Exposure of Sensitive Information to an Unauthorized Actor in nanoid Moderate
CVE-2021-23566 was published for nanoid (npm) Jan 21, 2022
baptistecs
Exposure of Sensitive Information to an Unauthorized Actor in DisCatSharp Moderate
CVE-2022-24849 was published for DisCatSharp (NuGet) Apr 22, 2022
A vulnerability in the XSI-Actions interface of Cisco BroadWorks Application Server could allow... Moderate Unreviewed
CVE-2021-1562 was published May 24, 2022
Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to read... Moderate Unreviewed
CVE-2015-3784 was published May 17, 2022
CloudKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to access an iCloud... Moderate Unreviewed
CVE-2015-3782 was published May 17, 2022
ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an... Moderate Unreviewed
CVE-2015-5782 was published May 17, 2022
Sensitive Information Exposure in E4J s.r.l. VikBooking Hotel Booking Engine & PMS plugin <= 1.5... Moderate Unreviewed
CVE-2022-27863 was published Apr 20, 2022
The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly restrict the... Moderate Unreviewed
CVE-2015-3766 was published May 17, 2022
An issue was discovered in Amazon AWS VPN Client 2.0.0. It is possible to include a UNC path in... Moderate Unreviewed
CVE-2022-25166 was published Apr 15, 2022
IBM Aspera High-Speed Transfer 4.3.1 and earlier could allow an authenticated user to obtain... Moderate Unreviewed
CVE-2022-22391 was published Apr 15, 2022
The CCAgent option 9.0.8.4 and earlier in the management server (aka TSA) component in Alcatel... Moderate Unreviewed
CVE-2010-3280 was published May 17, 2022
Zoho ManageEngine ServiceDesk Plus before 13001 allows anyone to know the organisation's default... Moderate Unreviewed
CVE-2022-25245 was published Apr 6, 2022
Apperta Foundation OpenEyes 3.5.1 allows remote attackers to view the sensitive information of... Moderate Unreviewed
CVE-2021-40375 was published Apr 7, 2022
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in... Moderate Unreviewed
CVE-2021-43205 was published Apr 7, 2022
The JobMonster Theme was vulnerable to Directory Listing in the /wp-content/uploads/jobmonster/... Moderate Unreviewed
CVE-2022-1166 was published Apr 5, 2022
Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A... Moderate Unreviewed
CVE-2022-23157 was published Apr 2, 2022
Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A... Moderate Unreviewed
CVE-2022-23158 was published Apr 2, 2022
An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to... Moderate Unreviewed
CVE-2022-0331 was published Mar 30, 2022
The Sandbox_profiles component in Apple iOS before 8.4.1 allows attackers to bypass the third... Moderate Unreviewed
CVE-2015-5749 was published May 17, 2022
ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an... Moderate Unreviewed
CVE-2015-5781 was published May 17, 2022
The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, 3.6.2, 3.7.3, and 4.1... Moderate Unreviewed
CVE-2010-3764 was published May 17, 2022
admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to obtain sensitive... Moderate Unreviewed
CVE-2010-4349 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database