Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,617 advisories

Loading
NETGEAR R7000 devices before 1.0.11.116 are affected by disclosure of sensitive information. High Unreviewed
CVE-2021-45646 was published Dec 27, 2021
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects... High Unreviewed
CVE-2021-45493 was published Dec 27, 2021
In Brave Desktop 1.17 through 1.33 before 1.33.106, when CNAME-based adblocking and a proxying... High Unreviewed
CVE-2021-45884 was published Dec 28, 2021
Emuse - eServices / eNvoice Exposure Of Private Personal Information due to lack of... High Unreviewed
CVE-2021-36723 was published Dec 30, 2021
Arbitrary file has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability ... High Unreviewed
CVE-2021-37125 was published Jan 4, 2022
Insertion of Sensitive Information into Log File in Apache NiFi High
CVE-2020-1942 was published for org.apache.nifi:nifi-framework-core (Maven) Jan 6, 2022
hoppscotch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor High Unreviewed
CVE-2022-0121 was published Jan 7, 2022
The Plus Addons for Elementor - Pro WordPress plugin before 5.0.7 does not validate the qvquery... High Unreviewed
CVE-2021-24948 was published Jan 11, 2022
Exposure of Sensitive Information to an Unauthorized Actor in microweber High
CVE-2022-0281 was published for microweber/microweber (Composer) Jan 21, 2022
node-fetch forwards secure headers to untrusted sites High
CVE-2022-0235 was published for node-fetch (npm) Jan 21, 2022
kurt-r2c
Exposure of Sensitive Information in simple-get High
CVE-2022-0355 was published for simple-get (npm) Jan 28, 2022
An information disclosure vulnerability exists due to a web server misconfiguration in the... High Unreviewed
CVE-2022-21236 was published Jan 29, 2022
Information Exposure vulnerability in Hitachi Energy LinkOne application, due to a... High Unreviewed
CVE-2021-40340 was published Jan 29, 2022
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that... High Unreviewed
CVE-2021-22825 was published Jan 29, 2022
Path traversal and dereference of symlinks in Argo CD High
CVE-2022-24348 was published for github.com/argoproj/argo-cd (Go) Feb 7, 2022
Cookie and header exposure in twisted High
CVE-2022-21712 was published for twisted (pip) Feb 7, 2022
ranjit-git alex
twm
XMPie uStore 12.3.7244.0 allows for administrators to generate reports based on raw SQL queries.... High Unreviewed
CVE-2022-23320 was published Feb 8, 2022
Exposure of sensitive information to an unauthorized actor vulnerability in Web Server in... High Unreviewed
CVE-2022-22680 was published Feb 8, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat High
CVE-2020-17527 was published for org.apache.tomcat:tomcat-coyote (Maven) Feb 9, 2022
sunSUNQ
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS... High Unreviewed
CVE-2021-40360 was published Feb 10, 2022
IBM OPENBMC OP920, OP930, and OP940 could allow an unauthenticated user to obtain sensitive... High Unreviewed
CVE-2021-38960 was published Feb 10, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Concord High
CVE-2020-10591 was published for com.walmartlabs.concord.docker:concord-common (Maven) Feb 10, 2022
Insecure template handling in Express-handlebars High
CVE-2021-32820 was published for express-handlebars (npm) Feb 10, 2022
SAP Adaptive Server Enterprise (ASE) - version 16.0, installation makes an entry in the system... High Unreviewed
CVE-2022-22528 was published Feb 11, 2022
An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019... High Unreviewed
CVE-2021-40159 was published Feb 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database