GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,090
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
100,303 advisories
In connsyslogger, there is a possible symbolic link following due to improper link resolution....
Moderate | Unreviewed | CVE-2022-20050 was published Mar 11, 2022

The pointer-validation logic in util/mem_util.rs in Occlum before 0.26.0 for Intel SGX acts as a...
Moderate | Unreviewed | CVE-2021-44421 was published Mar 11, 2022

Ericsson Network Manager 20.2 has Insecure Permissions.
Moderate | Unreviewed | CVE-2021-28488 was published Mar 11, 2022

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could...
Moderate | Unreviewed | CVE-2022-24323 was published Mar 11, 2022

SAS Logon Manager v9.4 was discovered to contain a vulnerability in the web UI which would allow...
Moderate | Unreviewed | CVE-2021-42186 was published Mar 11, 2022

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA)...
Moderate | Unreviewed | CVE-2021-42857 was published Mar 11, 2022

Cross-site Scripting (XSS) vulnerability in log view of Secomea SiteManager allows a logged in...
Moderate | Unreviewed | CVE-2021-32005 was published Mar 11, 2022

Adobe Photoshop versions 23.1.1 (and earlier) and 22.5.5 (and earlier) are affected by an out-of...
Moderate | Unreviewed | CVE-2022-24090 was published Mar 12, 2022

Cross-site Scripting (XSS) vulnerability in firmware section of Secomea GateManager allows logged...
Moderate | Unreviewed | CVE-2021-32009 was published Mar 12, 2022

Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile...
Moderate | Unreviewed | CVE-2021-34341 was published Mar 11, 2022

A cross-site scripting (XSS) attack can cause arbitrary code (javascript) to run in a user’s...
Moderate | Unreviewed | CVE-2021-33852 was published Mar 11, 2022

Ming 0.4.8 has an out-of-bounds read vulnerability in the function newVar_N() in decompile.c...
Moderate | Unreviewed | CVE-2021-34342 was published Mar 11, 2022

The function bitstr_tell at bitstr.c in ffjpeg commit 4ab404e has a NULL pointer dereference.
Moderate | Unreviewed | CVE-2021-34122 was published Mar 11, 2022

Information Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by...
Moderate | Unreviewed | CVE-2020-14112 was published Mar 11, 2022

Reflected Cross-Site Scripting (XSS) vulnerability affecting parameter &tab discovered in Contact...
Moderate | Unreviewed | CVE-2022-25601 was published Mar 12, 2022

Sensitive information could be displayed when a detailed technical error message is posted. This...
Moderate | Unreviewed | CVE-2021-35251 was published Mar 11, 2022

Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially...
Moderate | Unreviewed | CVE-2021-26341 was published Mar 12, 2022

LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.
Moderate | Unreviewed | CVE-2021-26401 was published Mar 12, 2022

Cross-site Scripting (XSS) - Reflected in GitHub repository orchardcms/orchardcore prior to 1.3.0.
Moderate | Unreviewed | CVE-2022-0822 was published Mar 12, 2022

An issue in index.php of OneNav v0.9.14 allows attackers to perform directory traversal.
Moderate | Unreviewed | CVE-2022-26276 was published Mar 13, 2022

Cross-site Scripting (XSS) - Stored in GitHub repository orchardcms/orchardcore prior to 1.3.0.
Moderate | Unreviewed | CVE-2022-0820 was published Mar 12, 2022

An attacker could exploit this vulnerability in Hitachi ABB Power Grids Ellipse Enterprise Asset...
Moderate | Unreviewed | CVE-2021-27416 was published Mar 12, 2022

Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub...
Moderate | Unreviewed | CVE-2021-33150 was published Mar 12, 2022

A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for...
Moderate | Unreviewed | CVE-2022-0280 was published Mar 12, 2022

An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It sends the following...
Moderate | Unreviewed | CVE-2021-41849 was published Mar 13, 2022

ProTip! Advisories are also available from the GraphQL API.