Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,980
Erlang
29
GitHub Actions
16
Go
1,769
Maven
4,994
npm
3,540
NuGet
616
pip
3,113
Pub
10
RubyGems
838
Rust
787
Swift
34
Unreviewed advisories
All unreviewed
5,000+

51 advisories

Loading
Grafana Email addresses and usernames can not be trusted Moderate
CVE-2022-39306 was published for github.com/grafana/grafana (Go) May 14, 2024
Grafana User enumeration via forget password Moderate
CVE-2022-39307 was published for github.com/grafana/grafana (Go) May 14, 2024
Insecure File Permissions in Support Assistant in NCP Secure Enterprise Client before 12.22 allow... Moderate Unreviewed
CVE-2023-28870 was published Dec 9, 2023
This vulnerability allows remote attackers to disclose sensitive information on affected... Moderate Unreviewed
CVE-2022-28645 was published Mar 29, 2023
An high privileged attacker may pass crafted arguments to the validate function of csaf-validator... Moderate Unreviewed
CVE-2022-47924 was published Mar 27, 2023
The validate JSON endpoint of the Secvisogram csaf-validator-service in versions < 0.1.0... Moderate Unreviewed
CVE-2022-47925 was published Mar 27, 2023
Improper removal of sensitive data in the entry edit feature of Hub Business submodule in... Moderate Unreviewed
CVE-2023-1203 was published Mar 10, 2023
A flaw was found in libpng 1.6.38. A crafted PNG image can lead to a segmentation fault and... Moderate Unreviewed
CVE-2022-3857 was published Mar 7, 2023
Kubernetes vulnerable to path traversal Moderate
CVE-2022-3162 was published for github.com/kubernetes/kubernetes (Go) Mar 1, 2023
Netty vulnerable to HTTP Response splitting from assigning header value iterator Moderate
CVE-2022-41915 was published for io.netty:netty-codec-http (Maven) Dec 12, 2022
rafalambrozewicz anderruiz
HAProxyMessageDecoder Stack Exhaustion DoS Moderate
CVE-2022-41881 was published for io.netty:netty-codec-haproxy (Maven) Dec 12, 2022
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an... Moderate Unreviewed
CVE-2022-22483 was published Sep 14, 2022
Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may... Moderate Unreviewed
CVE-2022-30944 was published Aug 19, 2022
Improper access control in firmware for Intel(R) AMT and Intel(R) Standard Manageability may... Moderate Unreviewed
CVE-2022-28697 was published Aug 19, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).... Moderate Unreviewed
CVE-2022-21509 was published Jul 20, 2022
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General).... Moderate Unreviewed
CVE-2022-21519 was published Jul 20, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PAM Auth Plugin).... Moderate Unreviewed
CVE-2022-21455 was published Jul 20, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure).... Moderate Unreviewed
CVE-2022-21534 was published Jul 20, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).... Moderate Unreviewed
CVE-2022-21529 was published Jul 20, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).... Moderate Unreviewed
CVE-2022-21526 was published Jul 20, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions... Moderate Unreviewed
CVE-2022-21537 was published Jul 20, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions... Moderate Unreviewed
CVE-2022-21517 was published Jul 20, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).... Moderate Unreviewed
CVE-2022-21525 was published Jul 20, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).... Moderate Unreviewed
CVE-2022-21527 was published Jul 20, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure).... Moderate Unreviewed
CVE-2022-21522 was published Jul 20, 2022
ProTip! Advisories are also available from the GraphQL API