Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,000
Erlang
29
GitHub Actions
16
Go
1,789
Maven
5,000+
npm
3,547
NuGet
622
pip
3,143
Pub
10
RubyGems
839
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

458 advisories

Loading
Untrusted Search Path in PostgreSQL Moderate Unreviewed
CVE-2020-14350 was published Feb 15, 2022
Git LFS can execute a Git binary from the current directory on Windows High
CVE-2021-21237 was published for github.com/git-lfs/git-lfs (Go) Feb 15, 2022
Ry0taK
NVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability which can... Critical Unreviewed
CVE-2022-21817 was published Feb 8, 2022
In ListCheck.exe in Acer Care Center 4.x before 4.00.3038, a vulnerability in the loading... High Unreviewed
CVE-2021-45975 was published Jan 27, 2022
An untrusted search path vulnerability exists in the Palo Alto Networks Cortex XDR agent that... High Unreviewed
CVE-2022-0014 was published Jan 13, 2022
Apache Ranger policy engine incorrectly matches paths in certain conditions Moderate
CVE-2016-8746 was published for org.apache.ranger:ranger-plugins-common (Maven) Oct 17, 2018
Ruby-ffi has a DLL loading issue High
CVE-2018-1000201 was published for ffi (RubyGems) Aug 31, 2018
High severity vulnerability that affects electron High
CVE-2016-1202 was published for electron (npm) Oct 24, 2017
ProTip! Advisories are also available from the GraphQL API