Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

6,044 advisories

Loading
Authlogic Information Exposure vulnerability Moderate
CVE-2012-6497 was published for authlogic (RubyGems) May 14, 2022
Initial debug-host handler implementation could leak information and facilitate denial of service Moderate
GHSA-x477-fq37-q5wr was published for fortio.org/proxy (Go) Jan 27, 2023
There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and... Moderate Unreviewed
CVE-2021-37036 was published Nov 24, 2021
Under certain conditions SAP Business Objects Business Intelligence Platform - versions 420, 430,... Moderate Unreviewed
CVE-2022-24398 was published Mar 11, 2022
Information Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by... Moderate Unreviewed
CVE-2020-14112 was published Mar 11, 2022
When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows... Moderate Unreviewed
CVE-2022-25248 was published Mar 17, 2022
The WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix... Moderate Unreviewed
CVE-2011-1103 was published May 17, 2022
IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web Content Management (WCM)... Moderate Unreviewed
CVE-2011-0679 was published May 17, 2022
Html-edit CMS 3.1.8 allows remote attackers to obtain sensitive information via a direct request... Moderate Unreviewed
CVE-2010-4611 was published May 17, 2022
MyBB (aka MyBulletinBoard) before 1.4.12 does not properly handle a configuration with a visible... Moderate Unreviewed
CVE-2010-4625 was published May 17, 2022
An information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W... Moderate Unreviewed
CVE-2022-21199 was published Jan 29, 2022
Insertion of Sensitive Information into Externally-Accessible File or Directory and Exposure of Sensitive Information to an Unauthorized Actor in hbs Moderate
CVE-2021-32822 was published for hbs (npm) Sep 2, 2021
Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9... Moderate Unreviewed
CVE-2022-23235 was published Aug 26, 2022
Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2021-32712 was published for shopware/shopware (Composer) Sep 8, 2021
Accounted time is shown in the Ticket Detail View (External Interface), even if ExternalFrontend:... Moderate Unreviewed
CVE-2022-1004 was published Mar 22, 2022
IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 and IBM Business Process Manager 8.5... Moderate Unreviewed
CVE-2021-39046 was published Mar 19, 2022
This issue was addressed with improved checks. This issue is fixed in tvOS 15.4, iOS 15.4 and... Moderate Unreviewed
CVE-2022-22621 was published Mar 19, 2022
Unspecified vulnerability in the mod_mono module for XSP in Mono 2.8.x before 2.8.2 allows remote... Moderate Unreviewed
CVE-2010-4225 was published May 17, 2022
admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to obtain sensitive... Moderate Unreviewed
CVE-2010-4349 was published May 17, 2022
SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to trigger TCP connections to... Moderate Unreviewed
CVE-2010-3982 was published May 17, 2022
Photos in Apple iOS before 4.2 enables support for HTTP Basic Authentication over an unencrypted... Moderate Unreviewed
CVE-2010-3831 was published May 17, 2022
The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, 3.6.2, 3.7.3, and 4.1... Moderate Unreviewed
CVE-2010-3764 was published May 17, 2022
ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an... Moderate Unreviewed
CVE-2015-5781 was published May 17, 2022
The Sandbox_profiles component in Apple iOS before 8.4.1 allows attackers to bypass the third... Moderate Unreviewed
CVE-2015-5749 was published May 17, 2022
An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to... Moderate Unreviewed
CVE-2022-0331 was published Mar 30, 2022
ProTip! Advisories are also available from the GraphQL API