Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,247
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

563 advisories

Loading
Java Merge-sort Insecure Temporary File vulnerability Moderate
CVE-2022-24913 was published for com.fasterxml.util:java-merge-sort (Maven) Jan 12, 2023
Apache Superset has Improper Access Control Moderate
CVE-2022-45438 was published for apache-superset (pip) Jan 16, 2023
Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially... Moderate Unreviewed
CVE-2021-26341 was published Mar 12, 2022
IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 and IBM Rational Team Concert 6.0.6 and... Moderate Unreviewed
CVE-2020-4989 was published Mar 16, 2022
The /rest-service-fecru/server-v1 resource in Fisheye and Crucible before version 4.8.9 allowed... Moderate Unreviewed
CVE-2021-43955 was published Mar 17, 2022
In __show_regs of process.c, there is a possible leak of kernel memory and addresses due to log... Moderate Unreviewed
CVE-2021-39715 was published Mar 17, 2022
This issue was addressed with improved checks. This issue is fixed in iOS 15.4 and iPadOS 15.4. A... Moderate Unreviewed
CVE-2022-22622 was published Mar 19, 2022
The GSMA authentication panel could be presented on the lock screen. The issue was resolved by... Moderate Unreviewed
CVE-2022-22652 was published Mar 19, 2022
A permissions issue was addressed with improved validation. This issue is fixed in Security... Moderate Unreviewed
CVE-2022-22583 was published Mar 19, 2022
OpenEMR v6.0.0 was discovered to contain an incorrect access control issue. Moderate Unreviewed
CVE-2022-25041 was published Mar 25, 2022
GE UR firmware versions prior to version 8.1x shares MODBUS memory map as part of the... Moderate Unreviewed
CVE-2021-27424 was published Mar 24, 2022
On unix-like systems, the system temporary directory is shared between all users on that system.... Moderate Unreviewed
CVE-2021-22572 was published Mar 30, 2022
In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory... Moderate Unreviewed
CVE-2021-39648 was published Dec 16, 2021
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow a low level user to reas of the application... Moderate Unreviewed
CVE-2021-29716 was published Dec 4, 2021
In PermissionController, there is a possible permission bypass due to an unsafe PendingIntent.... Moderate Unreviewed
CVE-2021-39757 was published Mar 31, 2022
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated to view or edit a Jupyter... Moderate Unreviewed
CVE-2021-29867 was published Dec 4, 2021
In Telephony, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2021-39777 was published Mar 31, 2022
In code generated by BuildParcelFields of generate_cpp.cpp, there is a possible way for a crafted... Moderate Unreviewed
CVE-2021-0966 was published Dec 16, 2021
Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who... Moderate Unreviewed
CVE-2022-0806 was published Apr 6, 2022
Policy bypass in COOP in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to bypass... Moderate Unreviewed
CVE-2022-0461 was published Apr 6, 2022
Information exposure vulnerability in Samsung DeX Home prior to SMR April-2022 Release 1 allows... Moderate Unreviewed
CVE-2022-27576 was published Apr 12, 2022
Telephony application has a Exposure of Sensitive Information to an Unauthorized Actor... Moderate Unreviewed
CVE-2021-39980 was published Jan 4, 2022
Information exposure vulnerability in ril property setting prior to SMR April-2022 Release 1... Moderate Unreviewed
CVE-2022-27822 was published Apr 12, 2022
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information... Moderate Unreviewed
CVE-2022-22961 was published Apr 14, 2022
Dell PowerScale OneFS, 8.2,x, 9.1.0.x, 9.2.1.x, and 9.3.0.x contain a denial of service... Moderate Unreviewed
CVE-2022-23163 was published Apr 13, 2022
ProTip! Advisories are also available from the GraphQL API