Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

89 advisories

Loading
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior... Moderate Unreviewed
CVE-2022-1257 was published Apr 15, 2022
An issue was discovered in FlightRadar24 v8.9.0, v8.10.0, v8.10.2, v8.10.3, v8.10.4 for Android,... Moderate Unreviewed
CVE-2021-43512 was published Jun 3, 2022
System Manager 9.x versions 9.7 and higher prior to 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to... Moderate Unreviewed
CVE-2021-27004 was published May 24, 2022
An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-3040 1... Moderate Unreviewed
CVE-2021-21816 was published May 24, 2022
Improper auto-fill algorithm in Samsung Internet prior to version 17.0.1.69 allows physical... Moderate Unreviewed
CVE-2022-30740 was published Jun 8, 2022
Brocade SANnav before Brocade SANvav v. 2.2.0.2 and Brocade SANanv v.2.1.1.8 logs the Brocade... Moderate Unreviewed
CVE-2022-28167 was published Jun 28, 2022
Brocade Fabric OS Web Application services before Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4... Moderate Unreviewed
CVE-2022-28170 was published Oct 26, 2022
During iframe navigation, certain pages did not have their FeaturePolicy fully initialized... Moderate Unreviewed
CVE-2022-40959 was published Dec 22, 2022
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote... Moderate Unreviewed
CVE-2019-13719 was published May 24, 2022
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote... Moderate Unreviewed
CVE-2019-13717 was published May 24, 2022
SUSE Manager until version 4.0.7 and Uyuni until commit 1b426ad5ed0a7191a6fb46bb83e98ae4b99a5ade... Moderate Unreviewed
CVE-2019-3684 was published May 24, 2022
This issue was addresses by updating incorrect URLSession file descriptors management logic to... Moderate Unreviewed
CVE-2019-8790 was published May 24, 2022
IBM Security Guardium Insights 2.0.1 stores sensitive information in URL parameters. This may... Moderate Unreviewed
CVE-2020-4172 was published May 24, 2022
An information disclosure issue existed in the handling of the Storage Access API. This issue was... Moderate Unreviewed
CVE-2019-8898 was published May 24, 2022
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a... Moderate Unreviewed
CVE-2020-11484 was published May 24, 2022
An authentication bypass in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker... Moderate Unreviewed
CVE-2019-19562 was published May 24, 2022
An issue was discovered in tangro Business Workflow before 1.18.1. No (or broken) access control... Moderate Unreviewed
CVE-2020-26176 was published May 24, 2022
IBM Workload Automation 9.5 stores sensitive information in HTML comments that could aid in... Moderate Unreviewed
CVE-2020-4673 was published May 24, 2022
IBM Workload Automation 9.5 stores the server path in URLs that could aid in further attacks... Moderate Unreviewed
CVE-2020-4674 was published May 24, 2022
An authentication bypass in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker... Moderate Unreviewed
CVE-2019-19560 was published May 24, 2022
Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized... Moderate Unreviewed
CVE-2020-27746 was published May 24, 2022
The iOS and macOS apps before 1.4.1 for the Western Digital G-Technology ArmorLock NVMe SSD store... Moderate Unreviewed
CVE-2021-28653 was published May 24, 2022
There is an information disclosure vulnerability in TE Mobile software versions V600R006C10... Moderate Unreviewed
CVE-2020-9202 was published May 24, 2022
Incorrect Access Control in Nagios Fusion 4.1.8 and earlier allows low-privileged authenticated... Moderate Unreviewed
CVE-2020-28911 was published May 24, 2022
In manage_proj_edit_page.php in MantisBT before 2.24.4, any unprivileged logged-in user can... Moderate Unreviewed
CVE-2020-29603 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database