GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,266
Erlang: 31
GitHub Actions: 21
Go: 2,041
Maven: 5,000+
npm: 3,733
NuGet: 662
pip: 3,414
Pub: 12
RubyGems: 891
Rust: 866
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
10,046 advisories
Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751...
    Low | Unreviewed | CVE-2022-25829 was published Mar 11, 2022
Information Exposure vulnerability in Watch Active Plugin prior to version 2.2.07.22012751 allows...
    Low | Unreviewed | CVE-2022-25828 was published Mar 11, 2022
Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751...
    Low | Unreviewed | CVE-2022-25830 was published Mar 11, 2022
Media Foundation Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22010.
    Low | Unreviewed | CVE-2022-21977 was published Mar 10, 2022
Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability.
    Low | Unreviewed | CVE-2022-24465 was published Mar 10, 2022
A flaw was found in nbdkit due to improperly caching plaintext state across the STARTTLS...
    Low | Unreviewed | CVE-2021-3716 was published Mar 4, 2022
The Duplicate Page or Post WordPress plugin before 1.5.1 does not have any authorisation and has...
    Low | Unreviewed | CVE-2021-25075 was published Feb 22, 2022
The AnyComment WordPress plugin before 0.2.18 is affected by a race condition when liking...
    Low | Unreviewed | CVE-2022-0279 was published Feb 22, 2022
IBM Maximo Anywhere 7.6.4.0 applications could allow obfuscation of the application source code....
    Low | Unreviewed | CVE-2019-4352 was published Feb 17, 2022
The Ibtana WordPress plugin before 1.1.4.9 does not have authorisation and CSRF checks in the...
    Low | Unreviewed | CVE-2021-25014 was published Feb 15, 2022
A vulnerability using PendingIntent in Bixby Vision prior to versions 3.7.60.8 in Android S(12),...
    Low | Unreviewed | CVE-2022-23434 was published Feb 12, 2022
Improper access control vulnerability in Samsung SearchWidget prior to versions 2.3.00.6 in China...
    Low | Unreviewed | CVE-2022-24923 was published Feb 12, 2022
PendingIntent hijacking vulnerability in DataUsageReminderReceiver prior to SMR Feb-2022 Release...
    Low | Unreviewed | CVE-2022-24000 was published Feb 12, 2022
PendingIntent hijacking vulnerability in CpaReceiver prior to SMR Feb-2022 Release 1 allows local...
    Low | Unreviewed | CVE-2022-23999 was published Feb 12, 2022
Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-43242.
    Low | Unreviewed | CVE-2021-42320 was published Feb 11, 2022
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ...
    Low | Unreviewed | CVE-2022-21248 was published Feb 11, 2022
An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets...
    Low | Unreviewed | CVE-2022-24448 was published Feb 10, 2022
In ArangoDB, versions v3.7.0 through v3.9.0-alpha.1 have a feature which allows downloading a...
    Low | Unreviewed | CVE-2021-25939 was published Feb 10, 2022
Full list of recipients from customer users in a contact field could be disclosed in notification...
    Low | Unreviewed | CVE-2022-0474 was published Feb 8, 2022
A CWE-331: Insufficient Entropy vulnerability exists that could cause unintended connection from...
    Low | Unreviewed | CVE-2021-22799 was published Jan 29, 2022
Escalation of privileges vulnerability in Micro Focus in Micro Focus Operations Agent, affecting...
    Low | Unreviewed | CVE-2021-38129 was published Jan 26, 2022
This vulnerability allows local attackers to disclose sensitive information on affected...
    Low | Unreviewed | CVE-2021-35005 was published Jan 25, 2022
Rapid7 Insight Agent, versions prior to 3.1.3, suffer from an improper access control...
    Low | Unreviewed | CVE-2021-4016 was published Jan 22, 2022
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are...
    Low | Unreviewed | CVE-2022-21247 was published Jan 20, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported...
    Low | Unreviewed | CVE-2022-21249 was published Jan 20, 2022
ProTip! Advisories are also available from the GraphQL API.