Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,792
Erlang
36
GitHub Actions
29
Go
2,377
Maven
5,000+
npm
4,002
NuGet
720
pip
3,802
Pub
12
RubyGems
927
Rust
984
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

495 advisories

Loading
Software installed and running inside a Guest VM may override Firmware's state and gain access to... Moderate Unreviewed
CVE-2025-46707 was published Jun 27, 2025
An issue was discovered in Zoho ManageEngine Key Manager Plus 6.1.6. A user, with the level... Moderate Unreviewed
CVE-2022-24446 was published Mar 2, 2022
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12... Moderate Unreviewed
CVE-2022-32883 was published Sep 21, 2022
Improper handling of resource allocation in virtual machines can lead to information exposure in... Moderate Unreviewed
CVE-2021-1918 was published Jan 4, 2022
An issue in the handling of environment variables was addressed with improved validation. This... Moderate Unreviewed
CVE-2022-26707 was published Sep 25, 2022
Zammad 5.2.1 is vulnerable to Incorrect Access Control. Zammad's asset handling mechanism has... Moderate Unreviewed
CVE-2022-40816 was published Sep 28, 2022
IBM QRadar User Behavior Analytics could allow an authenticated user to obtain sensitive... Moderate Unreviewed
CVE-2022-36771 was published Sep 29, 2022
An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 9.3... Moderate Unreviewed
CVE-2022-3018 was published Oct 28, 2022
Improper isolation of shared resources in network on chip for the Intel(R) 82599 Ethernet... Moderate Unreviewed
CVE-2021-33096 was published Feb 11, 2022
"IBM InfoSphere Information Server 11.7 could allow an authenticated user to access information... Moderate Unreviewed
CVE-2022-22442 was published Nov 4, 2022
Reprise License Manager 14.2 is affected by an Information Disclosure vulnerability via a GET... Moderate Unreviewed
CVE-2022-28365 was published Apr 10, 2022
g810-led 0.4.2, a LED configuration tool for Logitech Gx10 keyboards, contained a udev rule to... Moderate Unreviewed
CVE-2022-46338 was published Nov 30, 2022
In wlan driver, there is a possible missing permission check, This could lead to local... Moderate Unreviewed
CVE-2022-42782 was published Dec 6, 2022
In wlan driver, there is a possible missing permission check, This could lead to local... Moderate Unreviewed
CVE-2022-42766 was published Dec 6, 2022
An issue existed with the file paths used to store website data. The issue was resolved by... Moderate Unreviewed
CVE-2022-32833 was published Dec 15, 2022
This issue was addressed with improved data protection. This issue is fixed in iOS 16.2 and... Moderate Unreviewed
CVE-2022-42843 was published Dec 15, 2022
fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary... Moderate Unreviewed
CVE-2017-17087 was published May 13, 2022
A vulnerability was discovered in Siemens OZW672 (all versions) and OZW772 (all versions) that... Moderate Unreviewed
CVE-2017-6872 was published May 13, 2022
vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated... Moderate Unreviewed
CVE-2022-31708 was published Dec 21, 2022
A website that had permission to access the microphone could record audio without the audio... Moderate Unreviewed
CVE-2022-38474 was published Dec 22, 2022
Planet eStream before 6.72.10.07 discloses sensitive information, related to the ON cookie ... Moderate Unreviewed
CVE-2022-45895 was published Dec 25, 2022
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), an attacker... Moderate Unreviewed
CVE-2019-9011 was published Dec 26, 2022
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37... Moderate Unreviewed
CVE-2021-44854 was published Dec 26, 2022
Windows Installer Information Disclosure Vulnerability Moderate Unreviewed
CVE-2023-32016 was published Jun 14, 2023
Windows TCP/IP Information Disclosure Vulnerability Moderate Unreviewed
CVE-2023-38160 was published Sep 12, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database