GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
8,827 advisories
Zoho ManageEngine ServiceDesk Plus before 13001 allows anyone to know the organisation's default...
Moderate | Unreviewed | CVE-2022-25245 was published Apr 6, 2022

The Booking Package WordPress plugin before 1.5.29 requires a token for exporting the ical...
High | Unreviewed | CVE-2022-0709 was published Apr 5, 2022

The JobMonster Theme was vulnerable to Directory Listing in the /wp-content/uploads/jobmonster/...
Moderate | Unreviewed | CVE-2022-1166 was published Apr 5, 2022

It was observed that while login into Business-central console, HTTP request discloses sensitive...
High | Unreviewed | CVE-2019-14839 was published Apr 3, 2022

Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A...
Moderate | Unreviewed | CVE-2022-23158 was published Apr 2, 2022

Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A...
Moderate | Unreviewed | CVE-2022-23157 was published Apr 2, 2022

An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to...
Moderate | Unreviewed | CVE-2022-0331 was published Mar 30, 2022

A vulnerability was found in TEM FLEX-1080 and FLEX-1085 1.6.0. It has been declared as...
High | Unreviewed | CVE-2022-1077 was published Mar 30, 2022

Discoverability of user password hash in Statamic CMS
Low | CVE-2022-24784 was published for statamic/cms (Composer) Mar 29, 2022

Twig Sandbox Information Disclosure
Low | CVE-2019-9942 was published for twig/twig (Composer) Mar 26, 2022

A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi...
Moderate | Unreviewed | CVE-2022-0494 was published Mar 26, 2022

The Reporting module in Aseco Lietuva document management system DVS Avilys before 2022-03-10...
High | Unreviewed | CVE-2022-27192 was published Mar 25, 2022

MotionEye v0.42.1 and below allows attackers to access sensitive information via a GET request to...
High | Unreviewed | CVE-2022-25568 was published Mar 25, 2022

Bluedon Information Security Technologies Co.,Ltd Internet Access Detector v1.0 was discovered to...
High | Unreviewed | CVE-2022-25571 was published Mar 25, 2022

Improper access control allows admin privilege escalation in Argo CD
Critical | CVE-2022-24768 was published for github.com/argoproj/argo-cd (Go) Mar 24, 2022

GE UR firmware versions prior to version 8.1x web server interface is supported on UR over HTTP...
High | Unreviewed | CVE-2021-27422 was published Mar 24, 2022

Exposure of Sensitive Information to an Unauthorized Actor in OpenStack tripleo-heat-templates
Moderate | CVE-2021-4180 was published for tripleo-heat-templates (pip) Mar 24, 2022

Accounted time is shown in the Ticket Detail View (External Interface), even if ExternalFrontend:...
Moderate | Unreviewed | CVE-2022-1004 was published Mar 22, 2022

IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 and IBM Business Process Manager 8.5...
Moderate | Unreviewed | CVE-2021-39046 was published Mar 19, 2022

This issue was addressed with improved checks. This issue is fixed in tvOS 15.4, iOS 15.4 and...
Moderate | Unreviewed | CVE-2022-22621 was published Mar 19, 2022

Information Exposure in Apache Tapestry
High | CVE-2021-30638 was published for org.apache.tapestry:tapestry-core (Maven) Mar 18, 2022

When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows...
Moderate | Unreviewed | CVE-2022-25248 was published Mar 17, 2022

Exposure of Sensitive information in httpie
Low | CVE-2022-0430 was published for httpie (pip) Mar 16, 2022

Leaking of user information on Cross-Domain communication in sysend
Moderate | CVE-2022-24762 was published for sysend (npm) Mar 14, 2022

Sensitive Information Exposure in Sylius
Moderate | CVE-2022-24742 was published for sylius/sylius (Composer) Mar 14, 2022