Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

62 advisories

Loading
Tencent GameLoop before 4.1.21.90 downloaded updates over an insecure HTTP connection. A... High Unreviewed
CVE-2021-33879 was published May 24, 2022
An arbitrary file download vulnerability in Oliver v5 Library Server Versions < 5.00.008.053 via... High Unreviewed
CVE-2021-45027 was published Sep 2, 2022
The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its... High Unreviewed
CVE-2019-7229 was published May 24, 2022
The Zoom Client for Meetings for Windows before version 5.10.0 and Zoom Rooms for Conference Room... High Unreviewed
CVE-2022-22786 was published May 19, 2022
Caphyon Ltd Advanced Installer 19.2 was discovered to contain a remote code execution (RCE)... High Unreviewed
CVE-2022-27438 was published Jun 7, 2022
An issue was discovered in Emote Remote Mouse through 4.0.0.0. It uses cleartext HTTP to check,... High Unreviewed
CVE-2021-27574 was published May 24, 2022
Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check... High Unreviewed
CVE-2022-28944 was published May 24, 2022
Data Integrity Failure in 'Backup Config' in D-Link DNR-322L <= 2.60B15 allows an authenticated... High Unreviewed
CVE-2022-40799 was published Nov 29, 2022
Incorrect Resource Transfer Between Spheres in Grails High
CVE-2019-12728 was published for org.grails:grails-core (Maven) May 24, 2022
ZZ Inc. KeyMouse Windows 3.08 and prior is affected by a remote code execution vulnerability... High Unreviewed
CVE-2022-24644 was published Mar 11, 2022
Cleartext Transmission of Sensitive Information, Inclusion of Functionality from Untrusted Control Sphere , and Download of Code Without Integrity Check in Eclipse hawkBit High
CVE-2019-10240 was published for org.eclipse.hawkbit:hawkbit-autoconfigure (Maven) Apr 15, 2019
High severity vulnerability that affects generator-jhipster High
GHSA-mc84-xr9p-938r was published for generator-jhipster (npm) Sep 23, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database