Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

988 advisories

Loading
Exposure of Sensitive Information in Find My Mobile prior to version 7.2.25.14 allows local... Low Unreviewed
CVE-2022-36878 was published Sep 10, 2022
In Splunk Enterprise versions in the following table, an authenticated user can craft a dashboard... Low Unreviewed
CVE-2022-37438 was published Aug 17, 2022
Flask-AppBuilder before v4.1.3 allows inference of sensitive information through query strings Low
CVE-2022-31177 was published for Flask-AppBuilder (pip) Jul 29, 2022
Puppet Bolt prior to version 3.24.0 will print sensitive parameters when planning a run resulting... Low Unreviewed
CVE-2022-2394 was published Jul 20, 2022
An exploitable information disclosure vulnerability exists in SoftPerfect’s RAM Disk 4.1 spvve... Low Unreviewed
CVE-2020-13523 was published May 24, 2022
SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network, to... Low Unreviewed
CVE-2021-32453 was published May 24, 2022
In multiple places, it was possible for the primary user’s dictionary to be visible to and... Low Unreviewed
CVE-2020-0017 was published May 24, 2022
A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and... Low Unreviewed
CVE-2019-1734 was published May 24, 2022
An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in... Low Unreviewed
CVE-2021-36192 was published May 24, 2022
IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a... Low Unreviewed
CVE-2020-4951 was published May 24, 2022
Acrobat Reader DC ActiveX Control versions 2021.005.20060 (and earlier), 2020.004.30006 (and... Low Unreviewed
CVE-2021-39856 was published May 24, 2022
Magento Information Disclosure vulnerability Low
CVE-2021-28566 was published for magento/community-edition (Composer) May 24, 2022
NCH Reflect CRM 3.01 allows local users to discover cleartext user account information by reading... Low Unreviewed
CVE-2021-37468 was published May 24, 2022
IBM Cloud Pak System 2.3 could allow a local user in some situations to view the artifacts of... Low Unreviewed
CVE-2021-20478 was published May 24, 2022
Dell Wyse Management Suite versions 3.2 and earlier contain a full path disclosure vulnerability.... Low Unreviewed
CVE-2021-21587 was published May 24, 2022
A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw... Low Unreviewed
CVE-2021-20239 was published May 24, 2022
A data exposure flaw was found in Ansible Tower in versions before 3.7.2, where sensitive data... Low Unreviewed
CVE-2020-14329 was published May 24, 2022
A flaw was found in Ansible Tower when running jobs. This flaw allows an attacker to access the... Low Unreviewed
CVE-2020-10698 was published May 24, 2022
Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local... Low Unreviewed
CVE-2021-21534 was published May 24, 2022
A pendingIntent hijacking vulnerability in Secure Folder prior to SMR APR-2021 Release 1 allows... Low Unreviewed
CVE-2021-25364 was published May 24, 2022
Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized... Low Unreviewed
CVE-2021-25331 was published May 24, 2022
Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized... Low Unreviewed
CVE-2021-25332 was published May 24, 2022
Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized... Low Unreviewed
CVE-2021-25333 was published May 24, 2022
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are... Low Unreviewed
CVE-2019-18947 was published May 24, 2022
Support bundles can include user session IDs in Jenkins Support Core Plugin Low
CVE-2021-21621 was published for org.jenkins-ci.plugins:support-core (Maven) May 24, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database