Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,109
Maven
5,000+
npm
3,764
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
887
Swift
37
Unreviewed advisories
All unreviewed
5,000+

73 advisories

Loading
In enforceVisualVoicemailPackage of PhoneInterfaceManager.java, there is a possible leak of... Low Unreviewed
CVE-2022-20525 was published Dec 20, 2022
An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet... Low Unreviewed
CVE-2020-11582 was published May 24, 2022
Potential sensitive data exposure in applications using Vaadin 15 Low
CVE-2020-36319 was published for com.vaadin:flow-server (Maven) Apr 19, 2021
knoobie
Information disclosure in the TeamCity plugin for IntelliJ before 2020.2.2.85899 was possible... Low Unreviewed
CVE-2021-26309 was published May 24, 2022
In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was... Low Unreviewed
CVE-2022-29820 was published Apr 29, 2022
Information exposure vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8... Low Unreviewed
CVE-2021-25432 was published May 24, 2022
A pendingIntent hijacking vulnerability in Secure Folder prior to SMR APR-2021 Release 1 allows... Low Unreviewed
CVE-2021-25364 was published May 24, 2022
A component of the HarmonyOS has a Exposure of Sensitive Information to an Unauthorized Actor... Low Unreviewed
CVE-2021-22468 was published May 24, 2022
An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in... Low Unreviewed
CVE-2021-36192 was published May 24, 2022
Opera 7.54 and earlier does not properly limit an applet's access to internal Java packages from... Low Unreviewed
CVE-2004-1489 was published Apr 29, 2022
IBM Planning Analytics Local 2.0 allows web pages to be stored locally which can be read by... Low Unreviewed
CVE-2022-22314 was published Sep 9, 2022
Sensitive information accessible by physical probing of JTAG interface for some Intel(R)... Low Unreviewed
CVE-2022-0005 was published May 13, 2022
hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares... Low Unreviewed
CVE-2019-8934 was published May 13, 2022
In BigBlueButton before 2.2.7, lockSettingsProps.disablePrivateChat does not apply to already... Low Unreviewed
CVE-2020-27601 was published Sep 30, 2022
In StatusBar.java, there is a possible disclosure of notification content on the lockscreen due... Low Unreviewed
CVE-2021-39628 was published Jan 15, 2022
Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local... Low Unreviewed
CVE-2023-21447 was published Feb 9, 2023
PowerPath Management Appliance with versions 3.3, 3.2*, 3.1 & 3.0* contains sensitive information... Low Unreviewed
CVE-2022-34452 was published Feb 10, 2023
Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access... Low Unreviewed
CVE-2023-21438 was published Feb 9, 2023
Mattermost fails to honor the ShowEmailAddress setting when constructing a response to the ... Low Unreviewed
CVE-2023-27265 was published Feb 27, 2023
File exposure in pleaser Low
CVE-2021-31153 was published for pleaser (Rust) Aug 25, 2021
another-rex
Unauthenticated user can have information about hidden users on subwikis through uorgsuggest.vm Low
CVE-2023-29203 was published for org.xwiki.platform:xwiki-platform-web-templates (Maven) Apr 12, 2023
"IBM Robotic Process Automation for Cloud Pak 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is... Low Unreviewed
CVE-2022-42442 was published Nov 4, 2022
Improper access control vulnerability in QuickShare prior to version 13.2.3.5 allows attackers to... Low Unreviewed
CVE-2022-39860 was published Oct 7, 2022
Improper access control vulnerability in sendDHCPACKBroadcast function of SemWifiApClient prior... Low Unreviewed
CVE-2022-30751 was published Jul 13, 2022
Improper access control vulnerability in sendDHCPACKBroadcast function of SemWifiApClient prior... Low Unreviewed
CVE-2022-30752 was published Jul 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database