GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,496
Composer 4,170
Erlang 30
GitHub Actions 19
Go 1,981
Maven 5,155
npm 3,700
NuGet 656
pip 3,319
Pub 11
RubyGems 882
Rust 834
Swift 35

Unreviewed advisories

All unreviewed 232,955

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

5,511 advisories

Filter by severity

Sort by

Least recently updated

There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and... Moderate Unreviewed

CVE-2021-37036 was published Nov 24, 2021

Under certain conditions SAP Business Objects Business Intelligence Platform - versions 420, 430,... Moderate Unreviewed

CVE-2022-24398 was published Mar 11, 2022

Information Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by... Moderate Unreviewed

CVE-2020-14112 was published Mar 11, 2022

When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows... Moderate Unreviewed

CVE-2022-25248 was published Mar 17, 2022

The WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix... Moderate Unreviewed

CVE-2011-1103 was published May 17, 2022

IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web Content Management (WCM)... Moderate Unreviewed

CVE-2011-0679 was published May 17, 2022

Html-edit CMS 3.1.8 allows remote attackers to obtain sensitive information via a direct request... Moderate Unreviewed

CVE-2010-4611 was published May 17, 2022

MyBB (aka MyBulletinBoard) before 1.4.12 does not properly handle a configuration with a visible... Moderate Unreviewed

CVE-2010-4625 was published May 17, 2022

An information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W... Moderate Unreviewed

CVE-2022-21199 was published Jan 29, 2022

Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9... Moderate Unreviewed

CVE-2022-23235 was published Aug 26, 2022

Accounted time is shown in the Ticket Detail View (External Interface), even if ExternalFrontend:... Moderate Unreviewed

CVE-2022-1004 was published Mar 22, 2022

This issue was addressed with improved checks. This issue is fixed in tvOS 15.4, iOS 15.4 and... Moderate Unreviewed

CVE-2022-22621 was published Mar 19, 2022

IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 and IBM Business Process Manager 8.5... Moderate Unreviewed

CVE-2021-39046 was published Mar 19, 2022

Unspecified vulnerability in the mod_mono module for XSP in Mono 2.8.x before 2.8.2 allows remote... Moderate Unreviewed

CVE-2010-4225 was published May 17, 2022

Photos in Apple iOS before 4.2 enables support for HTTP Basic Authentication over an unencrypted... Moderate Unreviewed

CVE-2010-3831 was published May 17, 2022

admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to obtain sensitive... Moderate Unreviewed

CVE-2010-4349 was published May 17, 2022

SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to trigger TCP connections to... Moderate Unreviewed

CVE-2010-3982 was published May 17, 2022

The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, 3.6.2, 3.7.3, and 4.1... Moderate Unreviewed

CVE-2010-3764 was published May 17, 2022

ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an... Moderate Unreviewed

CVE-2015-5781 was published May 17, 2022

The Sandbox_profiles component in Apple iOS before 8.4.1 allows attackers to bypass the third... Moderate Unreviewed

CVE-2015-5749 was published May 17, 2022

An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to... Moderate Unreviewed

CVE-2022-0331 was published Mar 30, 2022

Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A... Moderate Unreviewed

CVE-2022-23158 was published Apr 2, 2022

Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A... Moderate Unreviewed

CVE-2022-23157 was published Apr 2, 2022

The JobMonster Theme was vulnerable to Directory Listing in the /wp-content/uploads/jobmonster/... Moderate Unreviewed

CVE-2022-1166 was published Apr 5, 2022

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in... Moderate Unreviewed

CVE-2021-43205 was published Apr 7, 2022

Previous 1 2 3 4 5 … 220 221 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

5,511 advisories