Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

6,044 advisories

Loading
Password exposure in concrete5/core Moderate
CVE-2021-22951 was published for concrete5/core (Composer) Nov 23, 2021
There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and... Moderate Unreviewed
CVE-2021-37036 was published Nov 24, 2021
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local attacker to obtain sensitive information... Moderate Unreviewed
CVE-2021-39000 was published Dec 1, 2021
IBM MQ Appliance could allow a local attacker to obtain sensitive information by inclusion of... Moderate Unreviewed
CVE-2021-38999 was published Dec 1, 2021
Mahavitaran android application 7.50 and prior transmit sensitive information in URL parameters.... Moderate Unreviewed
CVE-2020-27414 was published Dec 3, 2021
Instance config inline secret exposure in Grafana Moderate
CVE-2021-41090 was published for github.com/grafana/agent (Go) Dec 8, 2021
A exposure of sensitive information to an unauthorized actor in Fortinet FortiAuthenticator... Moderate Unreviewed
CVE-2021-43067 was published Dec 9, 2021
IBM Spectrum Protect Operations Center 7.1, under special configurations, could allow a local... Moderate Unreviewed
CVE-2021-38901 was published Dec 14, 2021
An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4,... Moderate Unreviewed
CVE-2021-39941 was published Dec 14, 2021
The Onion module in toxcore before 0.2.2 doesn't restrict which packets can be onion-routed,... Moderate Unreviewed
CVE-2018-25022 was published Dec 14, 2021
In onCreate of RequestIgnoreBatteryOptimizations.java, there is a possible way to determine... Moderate Unreviewed
CVE-2021-1023 was published Dec 16, 2021
pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak. Moderate Unreviewed
CVE-2021-45095 was published Dec 17, 2021
In geniezone driver, there is a possible out of bounds read due to an incorrect bounds check.... Moderate Unreviewed
CVE-2021-0676 was published Dec 18, 2021
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37... Moderate Unreviewed
CVE-2021-45038 was published Dec 18, 2021
Information Exposure in RunC Moderate
CVE-2016-9962 was published for github.com/opencontainers/runc (Go) Dec 20, 2021
Dell Wyse Device Agent version 14.5.4.1 and below contain a sensitive data exposure vulnerability... Moderate Unreviewed
CVE-2021-36341 was published Dec 22, 2021
IBM Cloud Pak for Security (CP4S) 1.7.2.0, 1.7.1.0, and 1.7.0.0 could allow an authenticated user... Moderate Unreviewed
CVE-2021-39013 was published Dec 23, 2021
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6400v2... Moderate Unreviewed
CVE-2021-45649 was published Dec 27, 2021
Certain NETGEAR devices are affected by disclosure of sensitive information. A UPnP request... Moderate Unreviewed
CVE-2021-45603 was published Dec 27, 2021
ManageEngine ADSelfService Plus below build 6116 stores the password policy file for each domain... Moderate Unreviewed
CVE-2021-20148 was published Jan 4, 2022
Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub... Moderate Unreviewed
CVE-2021-20871 was published Jan 5, 2022
Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub... Moderate Unreviewed
CVE-2021-20869 was published Jan 5, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Apache NiFi Moderate
CVE-2021-44145 was published for org.apache.nifi:nifi (Maven) Jan 5, 2022
A exposure of sensitive information to an unauthorized actor in Fortinet FortiMail versions 6.0.9... Moderate Unreviewed
CVE-2020-15933 was published Jan 6, 2022
Apache NiFi Insertion of Sensitive Information into Log File Moderate
CVE-2020-1928 was published for org.apache.nifi:nifi-parameter (Maven) Jan 6, 2022
ProTip! Advisories are also available from the GraphQL API