GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
5,519 advisories
Filter by severity
Philips MRI 1.5T and MRI 3T Version 5.x.x exposes sensitive information to an actor not...
Moderate
Unreviewed
CVE-2021-42744
was published
Nov 20, 2021
Rapid7 Nexpose versions prior to 6.6.114 suffer from an information exposure issue whereby, when...
Moderate
Unreviewed
CVE-2019-5640
was published
Nov 23, 2021
There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and...
Moderate
Unreviewed
CVE-2021-37036
was published
Nov 24, 2021
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local attacker to obtain sensitive information...
Moderate
Unreviewed
CVE-2021-39000
was published
Dec 1, 2021
IBM MQ Appliance could allow a local attacker to obtain sensitive information by inclusion of...
Moderate
Unreviewed
CVE-2021-38999
was published
Dec 1, 2021
Mahavitaran android application 7.50 and prior transmit sensitive information in URL parameters....
Moderate
Unreviewed
CVE-2020-27414
was published
Dec 3, 2021
A exposure of sensitive information to an unauthorized actor in Fortinet FortiAuthenticator...
Moderate
Unreviewed
CVE-2021-43067
was published
Dec 9, 2021
IBM Spectrum Protect Operations Center 7.1, under special configurations, could allow a local...
Moderate
Unreviewed
CVE-2021-38901
was published
Dec 14, 2021
An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4,...
Moderate
Unreviewed
CVE-2021-39941
was published
Dec 14, 2021
The Onion module in toxcore before 0.2.2 doesn't restrict which packets can be onion-routed,...
Moderate
Unreviewed
CVE-2018-25022
was published
Dec 14, 2021
In onCreate of RequestIgnoreBatteryOptimizations.java, there is a possible way to determine...
Moderate
Unreviewed
CVE-2021-1023
was published
Dec 16, 2021
pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.
Moderate
Unreviewed
CVE-2021-45095
was published
Dec 17, 2021
In geniezone driver, there is a possible out of bounds read due to an incorrect bounds check....
Moderate
Unreviewed
CVE-2021-0676
was published
Dec 18, 2021
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37...
Moderate
Unreviewed
CVE-2021-45038
was published
Dec 18, 2021
Dell Wyse Device Agent version 14.5.4.1 and below contain a sensitive data exposure vulnerability...
Moderate
Unreviewed
CVE-2021-36341
was published
Dec 22, 2021
IBM Cloud Pak for Security (CP4S) 1.7.2.0, 1.7.1.0, and 1.7.0.0 could allow an authenticated user...
Moderate
Unreviewed
CVE-2021-39013
was published
Dec 23, 2021
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6400v2...
Moderate
Unreviewed
CVE-2021-45649
was published
Dec 27, 2021
Certain NETGEAR devices are affected by disclosure of sensitive information. A UPnP request...
Moderate
Unreviewed
CVE-2021-45603
was published
Dec 27, 2021
ManageEngine ADSelfService Plus below build 6116 stores the password policy file for each domain...
Moderate
Unreviewed
CVE-2021-20148
was published
Jan 4, 2022
Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub...
Moderate
Unreviewed
CVE-2021-20871
was published
Jan 5, 2022
Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub...
Moderate
Unreviewed
CVE-2021-20869
was published
Jan 5, 2022
A exposure of sensitive information to an unauthorized actor in Fortinet FortiMail versions 6.0.9...
Moderate
Unreviewed
CVE-2020-15933
was published
Jan 6, 2022
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated...
Moderate
Unreviewed
CVE-2021-43951
was published
Jan 11, 2022
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated...
Moderate
Unreviewed
CVE-2021-43949
was published
Jan 11, 2022
PartKeepr versions up to v1.4.0, loads attachments using a URL while creating a part and allows...
Moderate
Unreviewed
CVE-2022-22701
was published
Jan 11, 2022
ProTip!
Advisories are also available from the
GraphQL API