Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,168
Erlang
30
GitHub Actions
19
Go
1,980
Maven
5,000+
npm
3,698
NuGet
656
pip
3,317
Pub
11
RubyGems
882
Rust
832
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

5,509 advisories

Loading
Philips MRI 1.5T and MRI 3T Version 5.x.x exposes sensitive information to an actor not... Moderate Unreviewed
CVE-2021-42744 was published Nov 20, 2021
Rapid7 Nexpose versions prior to 6.6.114 suffer from an information exposure issue whereby, when... Moderate Unreviewed
CVE-2019-5640 was published Nov 23, 2021
There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and... Moderate Unreviewed
CVE-2021-37036 was published Nov 24, 2021
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local attacker to obtain sensitive information... Moderate Unreviewed
CVE-2021-39000 was published Dec 1, 2021
IBM MQ Appliance could allow a local attacker to obtain sensitive information by inclusion of... Moderate Unreviewed
CVE-2021-38999 was published Dec 1, 2021
Mahavitaran android application 7.50 and prior transmit sensitive information in URL parameters.... Moderate Unreviewed
CVE-2020-27414 was published Dec 3, 2021
A exposure of sensitive information to an unauthorized actor in Fortinet FortiAuthenticator... Moderate Unreviewed
CVE-2021-43067 was published Dec 9, 2021
IBM Spectrum Protect Operations Center 7.1, under special configurations, could allow a local... Moderate Unreviewed
CVE-2021-38901 was published Dec 14, 2021
An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4,... Moderate Unreviewed
CVE-2021-39941 was published Dec 14, 2021
The Onion module in toxcore before 0.2.2 doesn't restrict which packets can be onion-routed,... Moderate Unreviewed
CVE-2018-25022 was published Dec 14, 2021
In onCreate of RequestIgnoreBatteryOptimizations.java, there is a possible way to determine... Moderate Unreviewed
CVE-2021-1023 was published Dec 16, 2021
pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak. Moderate Unreviewed
CVE-2021-45095 was published Dec 17, 2021
In geniezone driver, there is a possible out of bounds read due to an incorrect bounds check.... Moderate Unreviewed
CVE-2021-0676 was published Dec 18, 2021
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37... Moderate Unreviewed
CVE-2021-45038 was published Dec 18, 2021
Dell Wyse Device Agent version 14.5.4.1 and below contain a sensitive data exposure vulnerability... Moderate Unreviewed
CVE-2021-36341 was published Dec 22, 2021
IBM Cloud Pak for Security (CP4S) 1.7.2.0, 1.7.1.0, and 1.7.0.0 could allow an authenticated user... Moderate Unreviewed
CVE-2021-39013 was published Dec 23, 2021
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6400v2... Moderate Unreviewed
CVE-2021-45649 was published Dec 27, 2021
Certain NETGEAR devices are affected by disclosure of sensitive information. A UPnP request... Moderate Unreviewed
CVE-2021-45603 was published Dec 27, 2021
ManageEngine ADSelfService Plus below build 6116 stores the password policy file for each domain... Moderate Unreviewed
CVE-2021-20148 was published Jan 4, 2022
Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub... Moderate Unreviewed
CVE-2021-20871 was published Jan 5, 2022
Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub... Moderate Unreviewed
CVE-2021-20869 was published Jan 5, 2022
A exposure of sensitive information to an unauthorized actor in Fortinet FortiMail versions 6.0.9... Moderate Unreviewed
CVE-2020-15933 was published Jan 6, 2022
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated... Moderate Unreviewed
CVE-2021-43951 was published Jan 11, 2022
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated... Moderate Unreviewed
CVE-2021-43949 was published Jan 11, 2022
PartKeepr versions up to v1.4.0, loads attachments using a URL while creating a part and allows... Moderate Unreviewed
CVE-2022-22701 was published Jan 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database