GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
9,976 advisories
Filter by severity
Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory...
Low
Unreviewed
CVE-2023-20528
was published
Jan 11, 2023
yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by...
Low
Unreviewed
CVE-2020-12872
was published
May 24, 2022
In createAdminSupportIntent of DevicePolicyManagerService.java, there is a possible way to...
Low
Unreviewed
CVE-2021-0983
was published
Dec 16, 2021
Unprotected Activity in AppLock prior to SMR Mar-2022 Release 1 allows attacker to change the...
Low
Unreviewed
CVE-2022-24929
was published
Mar 11, 2022
IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse...
Low
Unreviewed
CVE-2022-22348
was published
Mar 15, 2022
** DISPUTED ** An issue was discovered in OpenSSH before 8.9. If a client is using public-key...
Low
Unreviewed
CVE-2021-36368
was published
Mar 14, 2022
Adobe Character Animator version 4.4 (and earlier versions) are affected by an out-of-bounds read...
Low
Unreviewed
CVE-2021-40769
was published
Mar 17, 2022
Adobe Character Animator version 4.4 (and earlier versions) are affected by an out-of-bounds read...
Low
Unreviewed
CVE-2021-40766
was published
Mar 17, 2022
Cross-site scripting (XSS) vulnerability in the Messaging module 6.x-2.x before 6.x-2.4 and 6.x-4...
Low
Unreviewed
CVE-2011-1066
was published
May 17, 2022
lnsfw1.sys 6.0.2900.5512 in Look 'n' Stop Firewall 2.06p4 and 2.07 allows local users to cause a...
Low
Unreviewed
CVE-2011-0652
was published
May 17, 2022
The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2...
Low
Unreviewed
CVE-2011-0904
was published
May 17, 2022
The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java...
Low
Unreviewed
CVE-2011-0311
was published
May 17, 2022
HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) 4.91.00 does not properly...
Low
Unreviewed
CVE-2011-0279
was published
May 17, 2022
Oracle Solaris 8, 9, and 10 stores back-out patch files (undo.Z) unencrypted with world-readable...
Low
Unreviewed
CVE-2011-0412
was published
May 17, 2022
WebKit in Apple Safari before 5.0.4, when the Web Inspector is used, does not properly handle the...
Low
Unreviewed
CVE-2011-0169
was published
May 17, 2022
MyBB (aka MyBulletinBoard) before 1.4.12 allows remote authenticated users to bypass intended...
Low
Unreviewed
CVE-2010-4624
was published
May 17, 2022
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality and...
Low
Unreviewed
CVE-2010-4460
was published
May 17, 2022
Linux kernel 2.6.33 and 2.6.34.y does not initialize the kvm_vcpu_events->interrupt.pad structure...
Low
Unreviewed
CVE-2010-4525
was published
May 17, 2022
An authentication issue was addressed with improved state management. This issue is fixed in...
Low
Unreviewed
CVE-2022-22656
was published
Mar 19, 2022
An issue with app access to camera metadata was addressed with improved logic. This issue is...
Low
Unreviewed
CVE-2022-22598
was published
Mar 19, 2022
An insecure permissions vulnerability in Snapt Aria v12.8 allows unauthenticated attackers to...
Low
Unreviewed
CVE-2022-24236
was published
Mar 22, 2022
Description: A permissions issue was addressed with improved validation. This issue is fixed in...
Low
Unreviewed
CVE-2022-22599
was published
Mar 19, 2022
Philips Gemini PET/CT family software stores sensitive information in a removable media device...
Low
Unreviewed
CVE-2021-27456
was published
Mar 24, 2022
A vulnerability classified as problematic has been found in Mirmay Secure Private Browser and...
Low
Unreviewed
CVE-2018-25030
was published
Mar 29, 2022
The PayPal app before 3.0.1 for iOS does not verify that the server hostname matches the domain...
Low
Unreviewed
CVE-2010-4211
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API