Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

121 advisories

Loading
Active Debug Code vulnerability in Mitsubishi Electric Corporation MELSEC WS Series WS0-GETH00200... High Unreviewed
CVE-2023-1618 was published May 19, 2023
Apache superset missing check for default SECRET_KEY High
CVE-2023-27524 was published for apache-superset (pip) Apr 24, 2023
An Insecure Default Initialization of Resource vulnerability in Juniper Networks Junos OS Evolved... Moderate Unreviewed
CVE-2023-28978 was published Apr 18, 2023
In JetBrains IntelliJ IDEA before 2023.1 the bundled version of Chromium wasn't sandboxed. High Unreviewed
CVE-2022-48432 was published Mar 29, 2023
In multiple products of CODESYS v3 in multiple versions a remote low privileged user could... High Unreviewed
CVE-2022-4224 was published Mar 23, 2023
In JetBrains TeamCity before 2022.10.2 jVMTI was enabled by default on agents. Critical Unreviewed
CVE-2022-48342 was published Feb 23, 2023
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation... Moderate Unreviewed
CVE-2022-47194 was published Jan 19, 2023
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation... Moderate Unreviewed
CVE-2022-47196 was published Jan 19, 2023
A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution... High Unreviewed
CVE-2022-2196 was published Jan 9, 2023
In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to... Moderate Unreviewed
CVE-2022-20466 was published Dec 13, 2022
A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve... High Unreviewed
CVE-2022-3262 was published Dec 8, 2022
In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default... Moderate Unreviewed
CVE-2022-46831 was published Dec 8, 2022
Insecure default variable initialization in BIOS firmware for some Intel(R) NUC Boards and Intel... Moderate Unreviewed
CVE-2022-36349 was published Nov 11, 2022
Apache Isis webconsole module may directly query the database in prototype mode Moderate
CVE-2022-42467 was published for org.apache.isis.core:isis-core (Maven) Oct 19, 2022
Tinyproxy commit 84f203f and earlier does not process HTTP request lines in the process_request()... High Unreviewed
CVE-2022-40468 was published Sep 20, 2022
WildFly vulnerable to Insecure Default Initialization of Resource High
CVE-2022-1278 was published for org.wildfly.bom:wildfly (Maven) Sep 14, 2022
A flaw was found in servicemesh-operator. The NetworkPolicy resources installed for Maistra do... Critical Unreviewed
CVE-2021-3586 was published Aug 23, 2022
Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0... Moderate Unreviewed
CVE-2022-32480 was published Aug 23, 2022
In WiFi, there is a possible disclosure of WiFi password to the end user due to an insecure... Low Unreviewed
CVE-2022-20342 was published Aug 13, 2022
In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection... Critical Unreviewed
CVE-2022-31806 was published Jun 25, 2022
The Orca HCM digital learning platform uses a weak factory default administrator password, which... Critical Unreviewed
CVE-2021-35965 was published May 24, 2022
Dell EMC Integrated System for Microsoft Azure Stack Hub, versions 1906 – 2011, contain an... Critical Unreviewed
CVE-2021-21505 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive... Critical Unreviewed
CVE-2021-34795 was published May 24, 2022
nLight ECLYPSE (nECY) system Controllers running software prior to 1.17.21245.754 contain a... High Unreviewed
CVE-2021-40825 was published May 24, 2022
Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged... Moderate Unreviewed
CVE-2021-0114 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database