GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,801
Erlang
36
GitHub Actions
29
Go
2,380
Maven
5,000+
npm
4,005
NuGet
720
pip
3,809
Pub
12
RubyGems
928
Rust
986
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,012 advisories
Filter by severity
A vulnerability in the web interface for specific feature sets of Cisco Integrated Management...
Moderate
Unreviewed
CVE-2018-15405
was published
May 13, 2022
A vulnerability in the web framework of the Cisco Digital Network Architecture Center (DNA Center...
Moderate
Unreviewed
CVE-2018-0269
was published
May 13, 2022
A vulnerability in the management console of Cisco Firepower System Software could allow an...
Moderate
Unreviewed
CVE-2018-0278
was published
May 13, 2022
QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through...
Moderate
Unreviewed
CVE-2015-4106
was published
May 13, 2022
To provide fine-grained controls over the ability to use Dynamic DNS (DDNS) to update records in...
Moderate
Unreviewed
CVE-2018-5741
was published
May 13, 2022
Improper authorization vulnerability in SYNO.Cal.Event in Calendar before 2.1.2-0511 allows...
Moderate
Unreviewed
CVE-2018-8927
was published
May 13, 2022
mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not...
Moderate
Unreviewed
CVE-2014-8109
was published
May 13, 2022
A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access...
Moderate
Unreviewed
CVE-2019-3887
was published
May 13, 2022
Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 58.0.3029.81 for Mac,...
Moderate
Unreviewed
CVE-2017-5060
was published
May 13, 2022
An exploitable improper authorization vulnerability exists in admin_peers API of cpp-ethereum's...
Moderate
Unreviewed
CVE-2017-12114
was published
May 13, 2022
RESI Gemini-Net Web 4.2 is affected by Improper Access Control in authorization logic. An...
Moderate
Unreviewed
CVE-2022-29538
was published
May 13, 2022
Users are able to read group conversations without actively taking part in them. Next to one to...
Moderate
Unreviewed
CVE-2021-27772
was published
May 13, 2022
It was possible to disclose details of confidential notes created via the API in Gitlab CE/EE...
Moderate
Unreviewed
CVE-2022-1545
was published
May 12, 2022
Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be...
Moderate
Unreviewed
CVE-2022-28774
was published
May 12, 2022
An improper authorization issue has been discovered in GitLab CE/EE affecting all versions prior...
Moderate
Unreviewed
CVE-2022-1124
was published
May 12, 2022
An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables...
Moderate
Unreviewed
CVE-2022-0027
was published
May 12, 2022
Insufficient checks in System Management Unit (SMU) FeatureConfig may result in reenabling...
Moderate
Unreviewed
CVE-2021-26376
was published
May 12, 2022
Incorrect access control in Yubico OTP functionality of the YubiKey hardware tokens along with...
Moderate
Unreviewed
CVE-2022-24584
was published
May 12, 2022
This is a concurrency issue that can result in the wrong caller principal being returned from the...
Moderate
Unreviewed
CVE-2022-0866
was published
May 11, 2022
Improper access control in GitLab CE/EE affecting all versions starting from 8.12 before 14.8.6,...
Moderate
Unreviewed
CVE-2022-1417
was published
May 11, 2022
Windows Hyper-V Security Feature Bypass Vulnerability.
Moderate
Unreviewed
CVE-2022-24466
was published
May 11, 2022
A Two-Factor Authentication (2FA) bypass vulnerability in "Simple 2FA Plugin for Moodle" by LMS...
Moderate
Unreviewed
CVE-2022-28601
was published
May 11, 2022
Microsoft Office Security Feature Bypass Vulnerability.
Moderate
Unreviewed
CVE-2022-29107
was published
May 11, 2022
Windows Print Spooler Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022...
Moderate
Unreviewed
CVE-2022-29114
was published
May 11, 2022
IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0...
Moderate
Unreviewed
CVE-2013-0543
was published
May 5, 2022
ProTip!
Advisories are also available from the
GraphQL API