Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

493 advisories

Loading
Dell NetWorker versions 19.5 and earlier contain 'RabbitMQ' version disclosure vulnerability. A... Moderate Unreviewed
CVE-2023-24567 was published Mar 1, 2023
A vulnerability exists which allows an authenticated attacker to access sensitive information on... Moderate Unreviewed
CVE-2023-22775 was published Mar 1, 2023
An authenticated information disclosure vulnerability exists in the ArubaOS web-based management... Moderate Unreviewed
CVE-2023-22777 was published Mar 1, 2023
This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6... Moderate Unreviewed
CVE-2022-32896 was published Feb 27, 2023
The issue was addressed with improved memory handling This issue is fixed in macOS Ventura 13.2.... Moderate Unreviewed
CVE-2023-23501 was published Feb 27, 2023
AMI MegaRAC SPX devices allow User Enumeration through Redfish. The fixed versions are SPx12... Moderate Unreviewed
CVE-2023-25192 was published Feb 15, 2023
HTTP.sys Information Disclosure Vulnerability Moderate Unreviewed
CVE-2023-21687 was published Feb 14, 2023
Microsoft Office Information Disclosure Vulnerability Moderate Unreviewed
CVE-2023-21714 was published Feb 14, 2023
Dell BSAFE SSL-J when used in debug mode can reveal unnecessary information. An attacker could... Moderate Unreviewed
CVE-2022-34364 was published Feb 10, 2023
Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high... Moderate Unreviewed
CVE-2022-46756 was published Feb 1, 2023
An information disclosure vulnerability in Totolink A830R V4.1.2cu.5182 allows attackers to... Moderate Unreviewed
CVE-2022-48067 was published Jan 27, 2023
File existence disclosure vulnerability in NetIQ Identity Manager plugin prior to version 4.8.5... Moderate Unreviewed
CVE-2022-26329 was published Jan 26, 2023
An issue was discovered in the CheckUser extension for MediaWiki through 1.39.x. Various... Moderate Unreviewed
CVE-2022-39193 was published Jan 20, 2023
Insufficient validation in ASP BIOS and DRTM commands may allow malicious supervisor x86 software... Moderate Unreviewed
CVE-2021-26343 was published Jan 11, 2023
Inappropriate implementation in File System API in Google Chrome on Windows prior to 97.0.4692.71... Moderate Unreviewed
CVE-2022-0337 was published Jan 3, 2023
Inappropriate implementation in Paint in Google Chrome prior to 98.0.4758.80 allowed a remote... Moderate Unreviewed
CVE-2022-4025 was published Jan 3, 2023
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), an attacker... Moderate Unreviewed
CVE-2019-9011 was published Dec 26, 2022
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37... Moderate Unreviewed
CVE-2021-44854 was published Dec 26, 2022
Planet eStream before 6.72.10.07 discloses sensitive information, related to the ON cookie ... Moderate Unreviewed
CVE-2022-45895 was published Dec 25, 2022
A website that had permission to access the microphone could record audio without the audio... Moderate Unreviewed
CVE-2022-38474 was published Dec 22, 2022
vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated... Moderate Unreviewed
CVE-2022-31708 was published Dec 21, 2022
An issue existed with the file paths used to store website data. The issue was resolved by... Moderate Unreviewed
CVE-2022-32833 was published Dec 15, 2022
This issue was addressed with improved data protection. This issue is fixed in iOS 16.2 and... Moderate Unreviewed
CVE-2022-42843 was published Dec 15, 2022
Under certain conditions, an attacker authenticated as a CMS administrator and with high... Moderate Unreviewed
CVE-2022-31596 was published Dec 12, 2022
Teleport v3.2.2, Teleport v3.5.6-rc6, and Teleport v3.6.3-b2 was discovered to contain an... Moderate Unreviewed
CVE-2022-38599 was published Dec 8, 2022
ProTip! Advisories are also available from the GraphQL API