Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

73 advisories

Loading
There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this... High Unreviewed
CVE-2021-37089 was published Dec 8, 2021
There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this... High Unreviewed
CVE-2021-37080 was published Dec 8, 2021
There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this... High Unreviewed
CVE-2021-37092 was published Dec 9, 2021
A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c... Moderate Unreviewed
CVE-2021-4032 was published Jan 22, 2022
Insufficient cleanup of passed-through device IRQs The management of IRQs associated with... Moderate Unreviewed
CVE-2022-23035 was published Jan 26, 2022
A flaw use after free in the Linux kernel Management Component Transport Protocol (MCTP)... High Unreviewed
CVE-2022-0646 was published Feb 19, 2022
Under certain circumstances the session token is not cleared on logout. Critical Unreviewed
CVE-2021-36205 was published Apr 16, 2022
An exploitable privilege escalation vulnerability exists in the helper service CleanMyMac X,... Moderate Unreviewed
CVE-2019-5011 was published Apr 30, 2022
ICQwebmail client for ICQ 2000A creates a world readable temporary file during login and does not... Low Unreviewed
CVE-2000-0552 was published Apr 30, 2022
An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows... Low Unreviewed
CVE-2002-0788 was published Apr 30, 2022
PGP 6.x and 7.x does not clear Windows alternate data streams that are attached to files on NTFS... Moderate Unreviewed
CVE-2002-2069 was published Apr 30, 2022
BestCrypt BCWipe 1.0.7 and 2.0 through 2.35.1 does not clear Windows alternate data streams that... Moderate Unreviewed
CVE-2002-2066 was published Apr 30, 2022
Eraser 5.3 does not clear Windows alternate data streams that are attached to files on NTFS file... Moderate Unreviewed
CVE-2002-2068 was published Apr 30, 2022
East-Tec Eraser 2002 does not clear Windows alternate data streams that are attached to files on... Moderate Unreviewed
CVE-2002-2067 was published Apr 30, 2022
SecureClean 3 build 2.0 does not clear Windows alternate data streams that are attached to files... Moderate Unreviewed
CVE-2002-2070 was published Apr 30, 2022
BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when... High Unreviewed
CVE-2005-1744 was published May 1, 2022
Oracle Formsbuilder 9.0.4 stores database usernames and passwords in a temporary file, which is... Low Unreviewed
CVE-2005-2293 was published May 1, 2022
RSA BSAFE SSL-J versions prior to 6.2.4 contain a Heap Inspection vulnerability that could allow... Moderate Unreviewed
CVE-2018-11068 was published May 13, 2022
In FreeBSD before 11.2-STABLE(r343782), 11.2-RELEASE-p9, 12.0-STABLE(r343781), and 12.0-RELEASE... Moderate Unreviewed
CVE-2019-5595 was published May 13, 2022
A vulnerability in the installation process of Cisco HyperFlex Software could allow an... Moderate Unreviewed
CVE-2018-15407 was published May 13, 2022
Insufficiently quick clearing of stale rendered content in Navigation in Google Chrome prior to... Moderate Unreviewed
CVE-2018-17467 was published May 13, 2022
Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping... High Unreviewed
CVE-2018-18281 was published May 13, 2022
The image-upload feature in ProjeQtOr 7.2.5 allows remote attackers to execute arbitrary code by... High Unreviewed
CVE-2018-18924 was published May 13, 2022
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe... High Unreviewed
CVE-2017-0303 was published May 13, 2022
An issue was discovered in chan_skinny.c in Asterisk Open Source 13.18.2 and older, 14.7.2 and... High Unreviewed
CVE-2017-17090 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API