GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
6,044 advisories
Authlogic Information Exposure vulnerability
Moderate. CVE-2012-6497 was published for authlogic (RubyGems) on May 14, 2022.

Initial debug-host handler implementation could leak information and facilitate denial of service
Moderate. GHSA-x477-fq37-q5wr was published for fortio.org/proxy (Go) on Jan 27, 2023.

There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and...
Moderate, Unreviewed. CVE-2021-37036 was published on Nov 24, 2021.

Under certain conditions SAP Business Objects Business Intelligence Platform - versions 420, 430,...
Moderate, Unreviewed. CVE-2022-24398 was published on Mar 11, 2022.

Information Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by...
Moderate, Unreviewed. CVE-2020-14112 was published on Mar 11, 2022.

When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows...
Moderate, Unreviewed. CVE-2022-25248 was published on Mar 17, 2022.

The WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix...
Moderate, Unreviewed. CVE-2011-1103 was published on May 17, 2022.

IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web Content Management (WCM)...
Moderate, Unreviewed. CVE-2011-0679 was published on May 17, 2022.

Html-edit CMS 3.1.8 allows remote attackers to obtain sensitive information via a direct request...
Moderate, Unreviewed. CVE-2010-4611 was published on May 17, 2022.

MyBB (aka MyBulletinBoard) before 1.4.12 does not properly handle a configuration with a visible...
Moderate, Unreviewed. CVE-2010-4625 was published on May 17, 2022.

An information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W...
Moderate, Unreviewed. CVE-2022-21199 was published on Jan 29, 2022.

Insertion of Sensitive Information into Externally-Accessible File or Directory and Exposure of Sensitive Information to an Unauthorized Actor in hbs
Moderate. CVE-2021-32822 was published for hbs (npm) on Sep 2, 2021.

Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9...
Moderate, Unreviewed. CVE-2022-23235 was published on Aug 26, 2022.

Exposure of Sensitive Information to an Unauthorized Actor
Moderate. CVE-2021-32712 was published for shopware/shopware (Composer) on Sep 8, 2021.

Accounted time is shown in the Ticket Detail View (External Interface), even if ExternalFrontend:...
Moderate, Unreviewed. CVE-2022-1004 was published on Mar 22, 2022.

IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 and IBM Business Process Manager 8.5...
Moderate, Unreviewed. CVE-2021-39046 was published on Mar 19, 2022.

This issue was addressed with improved checks. This issue is fixed in tvOS 15.4, iOS 15.4 and...
Moderate, Unreviewed. CVE-2022-22621 was published on Mar 19, 2022.

Unspecified vulnerability in the mod_mono module for XSP in Mono 2.8.x before 2.8.2 allows remote...
Moderate, Unreviewed. CVE-2010-4225 was published on May 17, 2022.

admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to obtain sensitive...
Moderate, Unreviewed. CVE-2010-4349 was published on May 17, 2022.

SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to trigger TCP connections to...
Moderate, Unreviewed. CVE-2010-3982 was published on May 17, 2022.

Photos in Apple iOS before 4.2 enables support for HTTP Basic Authentication over an unencrypted...
Moderate, Unreviewed. CVE-2010-3831 was published on May 17, 2022.

The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, 3.6.2, 3.7.3, and 4.1...
Moderate, Unreviewed. CVE-2010-3764 was published on May 17, 2022.

ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an...
Moderate, Unreviewed. CVE-2015-5781 was published on May 17, 2022.

The Sandbox_profiles component in Apple iOS before 8.4.1 allows attackers to bypass the third...
Moderate, Unreviewed. CVE-2015-5749 was published on May 17, 2022.

An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to...
Moderate, Unreviewed. CVE-2022-0331 was published on Mar 30, 2022.
ProTip! Advisories are also available from the GraphQL API.