Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

994 advisories

Loading
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm... Low Unreviewed
CVE-2022-42266 was published Dec 31, 2022
Exposure of Sensitive Information vulnerability in Samsung Settings prior to SMR Dec-2022 Release... Low Unreviewed
CVE-2022-39904 was published Dec 8, 2022
Traefik may display authorization header in the debug logs Low
CVE-2022-23469 was published for github.com/traefik/traefik/v2 (Go) Dec 8, 2022
Temporary File Information Disclosure vulnerability in MPXJ Low
CVE-2022-41954 was published for mpxj (Maven) Nov 28, 2022
JLLeitschuh jkmartindale
Tailscale daemon is vulnerable to information disclosure via CSRF Low
CVE-2022-41925 was published for tailscale.com/cmd (Go) Nov 21, 2022
emilytrau JJJollyjim
Container build can leak any path on the host into the container Low
GHSA-vp35-85q5-9f25 was published for github.com/docker/docker (Go) Nov 11, 2022
leonwxqian corhere
neersighted
Exposure of sensitive information in AT_Distributor prior to SMR Oct-2022 Release 1 allows local... Low Unreviewed
CVE-2022-39848 was published Oct 7, 2022
Dell BIOS versions contain an Information Exposure vulnerability. A local authenticated... Low Unreviewed
CVE-2022-31221 was published Sep 13, 2022
Exposure of Sensitive Information in Find My Mobile prior to version 7.2.25.14 allows local... Low Unreviewed
CVE-2022-36878 was published Sep 10, 2022
In Splunk Enterprise versions in the following table, an authenticated user can craft a dashboard... Low Unreviewed
CVE-2022-37438 was published Aug 17, 2022
Flask-AppBuilder before v4.1.3 allows inference of sensitive information through query strings Low
CVE-2022-31177 was published for Flask-AppBuilder (pip) Jul 29, 2022
Puppet Bolt prior to version 3.24.0 will print sensitive parameters when planning a run resulting... Low Unreviewed
CVE-2022-2394 was published Jul 20, 2022
An exploitable information disclosure vulnerability exists in SoftPerfect’s RAM Disk 4.1 spvve... Low Unreviewed
CVE-2020-13523 was published May 24, 2022
SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network, to... Low Unreviewed
CVE-2021-32453 was published May 24, 2022
In multiple places, it was possible for the primary user’s dictionary to be visible to and... Low Unreviewed
CVE-2020-0017 was published May 24, 2022
A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and... Low Unreviewed
CVE-2019-1734 was published May 24, 2022
An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in... Low Unreviewed
CVE-2021-36192 was published May 24, 2022
IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a... Low Unreviewed
CVE-2020-4951 was published May 24, 2022
Acrobat Reader DC ActiveX Control versions 2021.005.20060 (and earlier), 2020.004.30006 (and... Low Unreviewed
CVE-2021-39856 was published May 24, 2022
Magento Information Disclosure vulnerability Low
CVE-2021-28566 was published for magento/community-edition (Composer) May 24, 2022
NCH Reflect CRM 3.01 allows local users to discover cleartext user account information by reading... Low Unreviewed
CVE-2021-37468 was published May 24, 2022
IBM Cloud Pak System 2.3 could allow a local user in some situations to view the artifacts of... Low Unreviewed
CVE-2021-20478 was published May 24, 2022
Dell Wyse Management Suite versions 3.2 and earlier contain a full path disclosure vulnerability.... Low Unreviewed
CVE-2021-21587 was published May 24, 2022
A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw... Low Unreviewed
CVE-2021-20239 was published May 24, 2022
A data exposure flaw was found in Ansible Tower in versions before 3.7.2, where sensitive data... Low Unreviewed
CVE-2020-14329 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database