Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,835
Erlang
36
GitHub Actions
33
Go
2,452
Maven
5,000+
npm
4,077
NuGet
723
pip
3,868
Pub
12
RubyGems
943
Rust
1,010
Swift
39
Unreviewed advisories
All unreviewed
5,000+

567 advisories

Loading
MantisBT may disclose project names to unauthorized users Moderate
CVE-2023-44394 was published for mantisbt/mantisbt (Composer) Oct 17, 2023
Mattermost vulnerable to information disclosure Moderate
CVE-2023-1777 was published for github.com/mattermost/mattermost-server (Go) Mar 31, 2023
CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that exposes TGML diagram... Moderate Unreviewed
CVE-2025-6788 was published Jul 11, 2025
HashiCorp Vagrant has code injection vulnerability through default synced folders Moderate
CVE-2025-34075 was published for vagrant (RubyGems) Jul 2, 2025
Software installed and running inside a Guest VM may override Firmware's state and gain access to... Moderate Unreviewed
CVE-2025-46707 was published Jun 27, 2025
Quarkus potentially leaks data when duplicating a duplicated context Moderate
CVE-2025-49574 was published for io.quarkus:quarkus-vertx (Maven) Jun 23, 2025
markusdlugi
An issue was discovered in Zoho ManageEngine Key Manager Plus 6.1.6. A user, with the level... Moderate Unreviewed
CVE-2022-24446 was published Mar 2, 2022
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12... Moderate Unreviewed
CVE-2022-32883 was published Sep 21, 2022
IPC messages delivered to the wrong frame in Electron Moderate
CVE-2020-26272 was published for electron (npm) Jan 28, 2021
nornagon decsecre583
Improper handling of resource allocation in virtual machines can lead to information exposure in... Moderate Unreviewed
CVE-2021-1918 was published Jan 4, 2022
An issue in the handling of environment variables was addressed with improved validation. This... Moderate Unreviewed
CVE-2022-26707 was published Sep 25, 2022
Zammad 5.2.1 is vulnerable to Incorrect Access Control. Zammad's asset handling mechanism has... Moderate Unreviewed
CVE-2022-40816 was published Sep 28, 2022
IBM QRadar User Behavior Analytics could allow an authenticated user to obtain sensitive... Moderate Unreviewed
CVE-2022-36771 was published Sep 29, 2022
An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 9.3... Moderate Unreviewed
CVE-2022-3018 was published Oct 28, 2022
Apache Airflow: DAG Code and Import Error Permissions Ignored Moderate
CVE-2024-27906 was published for apache-airflow (pip) Feb 29, 2024
oscerd sunSUNQ
Improper isolation of shared resources in network on chip for the Intel(R) 82599 Ethernet... Moderate Unreviewed
CVE-2021-33096 was published Feb 11, 2022
"IBM InfoSphere Information Server 11.7 could allow an authenticated user to access information... Moderate Unreviewed
CVE-2022-22442 was published Nov 4, 2022
Reprise License Manager 14.2 is affected by an Information Disclosure vulnerability via a GET... Moderate Unreviewed
CVE-2022-28365 was published Apr 10, 2022
g810-led 0.4.2, a LED configuration tool for Logitech Gx10 keyboards, contained a udev rule to... Moderate Unreviewed
CVE-2022-46338 was published Nov 30, 2022
In wlan driver, there is a possible missing permission check, This could lead to local... Moderate Unreviewed
CVE-2022-42766 was published Dec 6, 2022
In wlan driver, there is a possible missing permission check, This could lead to local... Moderate Unreviewed
CVE-2022-42782 was published Dec 6, 2022
An issue existed with the file paths used to store website data. The issue was resolved by... Moderate Unreviewed
CVE-2022-32833 was published Dec 15, 2022
This issue was addressed with improved data protection. This issue is fixed in iOS 16.2 and... Moderate Unreviewed
CVE-2022-42843 was published Dec 15, 2022
fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary... Moderate Unreviewed
CVE-2017-17087 was published May 13, 2022
A vulnerability was discovered in Siemens OZW672 (all versions) and OZW772 (all versions) that... Moderate Unreviewed
CVE-2017-6872 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database