GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,388
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,752
Maven 4,982
npm 3,516
NuGet 609
pip 3,090
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,456

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

100,303 advisories

Filter by severity

Sort by

Least recently updated

In connsyslogger, there is a possible symbolic link following due to improper link resolution.... Moderate Unreviewed

CVE-2022-20050 was published Mar 11, 2022

The pointer-validation logic in util/mem_util.rs in Occlum before 0.26.0 for Intel SGX acts as a... Moderate Unreviewed

CVE-2021-44421 was published Mar 11, 2022

Ericsson Network Manager 20.2 has Insecure Permissions. Moderate Unreviewed

CVE-2021-28488 was published Mar 11, 2022

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could... Moderate Unreviewed

CVE-2022-24323 was published Mar 11, 2022

SAS Logon Manager v9.4 was discovered to contain a vulnerability in the web UI which would allow... Moderate Unreviewed

CVE-2021-42186 was published Mar 11, 2022

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA)... Moderate Unreviewed

CVE-2021-42857 was published Mar 11, 2022

Cross-site Scripting (XSS) vulnerability in log view of Secomea SiteManager allows a logged in... Moderate Unreviewed

CVE-2021-32005 was published Mar 11, 2022

Adobe Photoshop versions 23.1.1 (and earlier) and 22.5.5 (and earlier) are affected by an out-of... Moderate Unreviewed

CVE-2022-24090 was published Mar 12, 2022

Cross-site Scripting (XSS) vulnerability in firmware section of Secomea GateManager allows logged... Moderate Unreviewed

CVE-2021-32009 was published Mar 12, 2022

Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile... Moderate Unreviewed

CVE-2021-34341 was published Mar 11, 2022

A cross-site scripting (XSS) attack can cause arbitrary code (javascript) to run in a user’s... Moderate Unreviewed

CVE-2021-33852 was published Mar 11, 2022

Ming 0.4.8 has an out-of-bounds read vulnerability in the function newVar_N() in decompile.c... Moderate Unreviewed

CVE-2021-34342 was published Mar 11, 2022

The function bitstr_tell at bitstr.c in ffjpeg commit 4ab404e has a NULL pointer dereference. Moderate Unreviewed

CVE-2021-34122 was published Mar 11, 2022

Information Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by... Moderate Unreviewed

CVE-2020-14112 was published Mar 11, 2022

Reflected Cross-Site Scripting (XSS) vulnerability affecting parameter &tab discovered in Contact... Moderate Unreviewed

CVE-2022-25601 was published Mar 12, 2022

Sensitive information could be displayed when a detailed technical error message is posted. This... Moderate Unreviewed

CVE-2021-35251 was published Mar 11, 2022

Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially... Moderate Unreviewed

CVE-2021-26341 was published Mar 12, 2022

LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs. Moderate Unreviewed

CVE-2021-26401 was published Mar 12, 2022

Cross-site Scripting (XSS) - Reflected in GitHub repository orchardcms/orchardcore prior to 1.3.0. Moderate Unreviewed

CVE-2022-0822 was published Mar 12, 2022

An issue in index.php of OneNav v0.9.14 allows attackers to perform directory traversal. Moderate Unreviewed

CVE-2022-26276 was published Mar 13, 2022

Cross-site Scripting (XSS) - Stored in GitHub repository orchardcms/orchardcore prior to 1.3.0. Moderate Unreviewed

CVE-2022-0820 was published Mar 12, 2022

An attacker could exploit this vulnerability in Hitachi ABB Power Grids Ellipse Enterprise Asset... Moderate Unreviewed

CVE-2021-27416 was published Mar 12, 2022

Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub... Moderate Unreviewed

CVE-2021-33150 was published Mar 12, 2022

A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for... Moderate Unreviewed

CVE-2022-0280 was published Mar 12, 2022

An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It sends the following... Moderate Unreviewed

CVE-2021-41849 was published Mar 13, 2022

Previous 1 2 3 4 5 6 7 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

100,303 advisories