GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,792
Erlang
36
GitHub Actions
29
Go
2,377
Maven
5,000+
npm
4,002
NuGet
720
pip
3,802
Pub
12
RubyGems
927
Rust
984
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
495 advisories
Filter by severity
Software installed and running inside a Guest VM may override Firmware's state and gain access to...
Moderate
Unreviewed
CVE-2025-46707
was published
Jun 27, 2025
An issue was discovered in Zoho ManageEngine Key Manager Plus 6.1.6. A user, with the level...
Moderate
Unreviewed
CVE-2022-24446
was published
Mar 2, 2022
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12...
Moderate
Unreviewed
CVE-2022-32883
was published
Sep 21, 2022
Improper handling of resource allocation in virtual machines can lead to information exposure in...
Moderate
Unreviewed
CVE-2021-1918
was published
Jan 4, 2022
An issue in the handling of environment variables was addressed with improved validation. This...
Moderate
Unreviewed
CVE-2022-26707
was published
Sep 25, 2022
Zammad 5.2.1 is vulnerable to Incorrect Access Control. Zammad's asset handling mechanism has...
Moderate
Unreviewed
CVE-2022-40816
was published
Sep 28, 2022
IBM QRadar User Behavior Analytics could allow an authenticated user to obtain sensitive...
Moderate
Unreviewed
CVE-2022-36771
was published
Sep 29, 2022
An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 9.3...
Moderate
Unreviewed
CVE-2022-3018
was published
Oct 28, 2022
Improper isolation of shared resources in network on chip for the Intel(R) 82599 Ethernet...
Moderate
Unreviewed
CVE-2021-33096
was published
Feb 11, 2022
"IBM InfoSphere Information Server 11.7 could allow an authenticated user to access information...
Moderate
Unreviewed
CVE-2022-22442
was published
Nov 4, 2022
Reprise License Manager 14.2 is affected by an Information Disclosure vulnerability via a GET...
Moderate
Unreviewed
CVE-2022-28365
was published
Apr 10, 2022
g810-led 0.4.2, a LED configuration tool for Logitech Gx10 keyboards, contained a udev rule to...
Moderate
Unreviewed
CVE-2022-46338
was published
Nov 30, 2022
In wlan driver, there is a possible missing permission check, This could lead to local...
Moderate
Unreviewed
CVE-2022-42782
was published
Dec 6, 2022
In wlan driver, there is a possible missing permission check, This could lead to local...
Moderate
Unreviewed
CVE-2022-42766
was published
Dec 6, 2022
An issue existed with the file paths used to store website data. The issue was resolved by...
Moderate
Unreviewed
CVE-2022-32833
was published
Dec 15, 2022
This issue was addressed with improved data protection. This issue is fixed in iOS 16.2 and...
Moderate
Unreviewed
CVE-2022-42843
was published
Dec 15, 2022
fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary...
Moderate
Unreviewed
CVE-2017-17087
was published
May 13, 2022
A vulnerability was discovered in Siemens OZW672 (all versions) and OZW772 (all versions) that...
Moderate
Unreviewed
CVE-2017-6872
was published
May 13, 2022
vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated...
Moderate
Unreviewed
CVE-2022-31708
was published
Dec 21, 2022
A website that had permission to access the microphone could record audio without the audio...
Moderate
Unreviewed
CVE-2022-38474
was published
Dec 22, 2022
Planet eStream before 6.72.10.07 discloses sensitive information, related to the ON cookie ...
Moderate
Unreviewed
CVE-2022-45895
was published
Dec 25, 2022
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), an attacker...
Moderate
Unreviewed
CVE-2019-9011
was published
Dec 26, 2022
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37...
Moderate
Unreviewed
CVE-2021-44854
was published
Dec 26, 2022
Windows Installer Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2023-32016
was published
Jun 14, 2023
Windows TCP/IP Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2023-38160
was published
Sep 12, 2023
ProTip!
Advisories are also available from the
GraphQL API