GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,090
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
9,545 advisories
CVE-2010-4431 (Low, Unreviewed; published May 17, 2022): Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 and 7.2 allows local users...
CVE-2010-4355 (Low, Unreviewed; published May 17, 2022): Cross-site scripting (XSS) vulnerability in DaDaBIK before 4.3 beta2, when the insert or edit...
CVE-2010-4211 (Low, Unreviewed; published May 17, 2022): The PayPal app before 3.0.1 for iOS does not verify that the server hostname matches the domain...
CVE-2010-4425 (Low, Unreviewed; published May 17, 2022): Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.1.3...
CVE-2010-4341 (Low, Unreviewed; published May 17, 2022): The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD...
CVE-2010-4275 (Low, Unreviewed; published May 17, 2022): Multiple cross-site scripting (XSS) vulnerabilities in Radius Manager 3.8.0 allow remote...
CVE-2010-4429 (Low, Unreviewed; published May 17, 2022): Unspecified vulnerability in the Agile Core component in Oracle Supply Chain Products Suite 9.3.0...
CVE-2010-3505 (Low, Unreviewed; published May 17, 2022): Unspecified vulnerability in the Agile Core component in Oracle Supply Chain Products Suite 9.3.0...
CVE-2010-4427 (Low, Unreviewed; published May 17, 2022): Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.1.3...
CVE-2010-4432 (Low, Unreviewed; published May 17, 2022): Unspecified vulnerability in the Oracle Transportation Manager component in Oracle Supply Chain...
CVE-2015-5448 (Low, Unreviewed; published May 17, 2022): HP Asset Manager 9.40 and 9.41 before 9.41.11103 P4-rev1 and 9.50 before 9.50.11925 P3 allows...
CVE-2020-2752 (Low, Unreviewed; published May 24, 2022): Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions...
CVE-2010-2913 (Low, Unreviewed; published May 17, 2022): The Citibank Citi Mobile app before 2.0.3 for iOS stores account data in a file, which allows...
CVE-2010-3597 (Low, Unreviewed; published May 17, 2022): Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion...
CVE-2010-3586 (Low, Unreviewed; published May 17, 2022): Unspecified vulnerability in Oracle Solaris 9 allows local users to affect confidentiality and...
CVE-2021-0982 (Low, Unreviewed; published Dec 16, 2021): In getOrganizationNameForUser of DevicePolicyManagerService.java, there is a possible...
CVE-2021-0992 (Low, Unreviewed; published Dec 16, 2021): In onCreate of PaymentDefaultDialog.java, there is a possible way to change a default payment app...
CVE-2022-1180 (Low, Unreviewed; published Mar 31, 2022): Reflected Cross Site Scripting in GitHub repository openemr/openemr prior to 6.0.0.4.
CVE-2021-1034 (Low, Unreviewed; published Dec 16, 2021): In getLine1NumberForDisplay of PhoneInterfaceManager.java, there is a possible way to determine...
CVE-2021-0994 (Low, Unreviewed; published Dec 16, 2021): In requestRouteToHostAddress of ConnectivityService.java, there is a possible way to determine...
CVE-2022-27049 (Low, Unreviewed; published Apr 2, 2022): Raidrive before v2021.12.35 allows attackers to arbitrarily move log files by pre-creating a...
CVE-2021-39739 (Low, Unreviewed; published Mar 31, 2022): In ArrayMap, there is a possible leak of the content of SMS messages due to log information...
CVE-2022-1111 (Low, Unreviewed; published Apr 5, 2022): A business logic error in Project Import in GitLab CE/EE versions 14.9 prior to 14.9.2, 14.8...
CVE-2022-42931 (Low, Unreviewed; published Dec 22, 2022): Logins saved by Firefox should be managed by the Password Manager component which uses encryption...
CVE-2022-3633 (Low, Unreviewed; published Oct 21, 2022): A vulnerability classified as problematic has been found in Linux Kernel. Affected is the...
ProTip! Advisories are also available from the GraphQL API.