GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,476

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

7,857 advisories

Filter by severity

Sort by

Least recently updated

Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751... Low Unreviewed

CVE-2022-25829 was published Mar 11, 2022

Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751... Low Unreviewed

CVE-2022-25830 was published Mar 11, 2022

SPIP before 3.2.14 and 4.x before 4.0.5 allows unauthenticated access to information about... Moderate Unreviewed

CVE-2022-26847 was published Mar 11, 2022

IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 could disclose internal IP address... Moderate Unreviewed

CVE-2021-39025 was published Mar 11, 2022

The Video Conferencing with Zoom WordPress plugin before 3.8.17 does not have authorisation in... Moderate Unreviewed

CVE-2022-0384 was published Mar 8, 2022

The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly... Moderate Unreviewed

CVE-2021-25009 was published Mar 8, 2022

A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory... Moderate Unreviewed

CVE-2021-3677 was published Mar 4, 2022

Zoho ManageEngine Desktop Central before 10.1.2137.8 exposes the installed server name to anyone.... Moderate Unreviewed

CVE-2022-23779 was published Mar 3, 2022

An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE... Moderate Unreviewed

CVE-2022-22303 was published Mar 3, 2022

An issue was discovered in Zoho ManageEngine Key Manager Plus before 6200. A service exposed by... Moderate Unreviewed

CVE-2022-24447 was published Mar 3, 2022

The Customize WordPress Emails and Alerts WordPress plugin before 1.8.7 does not have... Moderate Unreviewed

CVE-2022-0345 was published Mar 1, 2022

The Yoast SEO WordPress plugin before 17.3 discloses the full internal path of featured images in... Moderate Unreviewed

CVE-2021-25118 was published Mar 1, 2022

All versions of FileCloud prior to 21.3 are vulnerable to user enumeration. The vulnerability... Moderate Unreviewed

CVE-2022-24633 was published Feb 25, 2022

All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink... Moderate Unreviewed

CVE-2021-44141 was published Feb 22, 2022

Sensitive information disclosure discovered in wpDiscuz WordPress plugin (versions <= 7.3.11). High Unreviewed

CVE-2022-23984 was published Feb 22, 2022

Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one... Moderate Unreviewed

CVE-2022-0708 was published Feb 22, 2022

A flaw was found in s390 eBPF JIT in bpf_jit_insn in arch/s390/net/bpf_jit_comp.c in the Linux... Moderate Unreviewed

CVE-2021-20320 was published Feb 19, 2022

The vulnerability discovered in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0... High Unreviewed

CVE-2022-23982 was published Feb 19, 2022

A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint... Critical Unreviewed

CVE-2021-3773 was published Feb 17, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Apache Guacamole Moderate Unreviewed

CVE-2021-41767 was published Feb 15, 2022

The Futurio Extra WordPress plugin before 1.6.3 allowed any logged in user, even a subscriber,... Moderate Unreviewed

CVE-2021-25110 was published Feb 15, 2022

** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by information... High Unreviewed

CVE-2021-45421 was published Feb 15, 2022

** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by arbitrary file... Critical Unreviewed

CVE-2021-45420 was published Feb 15, 2022

A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of... High Unreviewed

CVE-2021-22785 was published Feb 12, 2022

An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019... High Unreviewed

CVE-2021-40159 was published Feb 11, 2022

Previous 1 2 … 309 310 311 312 313 314 315 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

7,857 advisories