GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
493 advisories
Filter by severity
An improper access control vulnerability exists in GitLab Remote Development affecting all...
Moderate
Unreviewed
CVE-2023-6955
was published
Jan 12, 2024
Error in parser function in M-Files Server versions before 22.6.11534.1 and before 22.6.11505.0...
Moderate
Unreviewed
CVE-2022-1911
was published
Nov 30, 2022
A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of...
Moderate
Unreviewed
CVE-2024-40725
was published
Jul 18, 2024
IBM Maximo Asset Management 7.6.1.3 and IBM Maximo Application Suite 8.10 and 8.11 allows web...
Moderate
Unreviewed
CVE-2024-22333
was published
Jun 13, 2024
An Exposure of Resource to Wrong Sphere vulnerability in the sampling service of Juniper Networks...
Moderate
Unreviewed
CVE-2024-39553
was published
Jul 11, 2024
Microsoft Word Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2023-36761
was published
Sep 12, 2023
CWE-668: Exposure of the Resource Wrong Sphere vulnerability exists that exposes a SSH
interface...
Moderate
Unreviewed
CVE-2024-5313
was published
Jun 12, 2024
A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading...
Moderate
Unreviewed
CVE-2024-0443
was published
Jan 12, 2024
Softing Secure Integration Server Exposure of Resource to Wrong Sphere Remote Code Execution...
Moderate
Unreviewed
CVE-2023-39478
was published
May 3, 2024
In the Linux kernel, the following vulnerability has been resolved:
HID: usbhid: fix info leak...
Moderate
Unreviewed
CVE-2021-46906
was published
Feb 26, 2024
Information disclosure in Linux Networking Firmware due to unauthorized information leak during...
Moderate
Unreviewed
CVE-2022-40525
was published
Jun 6, 2023
Information disclosure in Kernel due to indirect branch misprediction.
Moderate
Unreviewed
CVE-2022-40523
was published
Jun 6, 2023
In the Linux kernel, the following vulnerability has been resolved:
binder: fix async_free_space...
Moderate
Unreviewed
CVE-2021-46935
was published
Feb 27, 2024
In the Linux kernel, the following vulnerability has been resolved:
dmaengine: idxd: fix wq...
Moderate
Unreviewed
CVE-2021-46917
was published
Feb 27, 2024
In the Linux kernel, the following vulnerability has been resolved:
mm/damon/dbgfs: fix 'struct...
Moderate
Unreviewed
CVE-2021-46937
was published
Feb 27, 2024
An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of...
Moderate
Unreviewed
CVE-2024-21605
was published
Apr 12, 2024
Windows CoreMessaging Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-20694
was published
Jan 9, 2024
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-20692
was published
Jan 9, 2024
An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4...
Moderate
Unreviewed
CVE-2023-32275
was published
Oct 12, 2023
An information disclosure vulnerability in the?faye endpoint in Proofpoint Threat Response /...
Moderate
Unreviewed
CVE-2023-2820
was published
Jun 15, 2023
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to a source code...
Moderate
Unreviewed
CVE-2023-30802
was published
Oct 10, 2023
In the Linux kernel, the following vulnerability has been resolved:
locking/qrwlock: Fix...
Moderate
Unreviewed
CVE-2021-46921
was published
Feb 27, 2024
In the Linux kernel, the following vulnerability has been resolved:
fs/mount_setattr: always...
Moderate
Unreviewed
CVE-2021-46923
was published
Feb 27, 2024
curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a...
Moderate
Unreviewed
CVE-2021-22897
was published
May 24, 2022
libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided...
Moderate
Unreviewed
CVE-2022-27779
was published
Jun 3, 2022
ProTip!
Advisories are also available from the
GraphQL API