GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories: All reviewed 5,000+; Composer 3,980; Erlang 29; GitHub Actions 16; Go 1,769; Maven 4,994; npm 3,540; NuGet 616; pip 3,113; Pub 10; RubyGems 838; Rust 787; Swift 34
Unreviewed advisories: All unreviewed 5,000+
51 advisories
Grafana Email addresses and usernames can not be trusted
  Moderate. CVE-2022-39306 was published for github.com/grafana/grafana (Go) on May 14, 2024.

Grafana User enumeration via forget password
  Moderate. CVE-2022-39307 was published for github.com/grafana/grafana (Go) on May 14, 2024.

Insecure File Permissions in Support Assistant in NCP Secure Enterprise Client before 12.22 allow...
  Moderate, Unreviewed. CVE-2023-28870 was published on Dec 9, 2023.

This vulnerability allows remote attackers to disclose sensitive information on affected...
  Moderate, Unreviewed. CVE-2022-28645 was published on Mar 29, 2023.

An high privileged attacker may pass crafted arguments to the validate function of csaf-validator...
  Moderate, Unreviewed. CVE-2022-47924 was published on Mar 27, 2023.

The validate JSON endpoint of the Secvisogram csaf-validator-service in versions < 0.1.0...
  Moderate, Unreviewed. CVE-2022-47925 was published on Mar 27, 2023.

Improper removal of sensitive data in the entry edit feature of Hub Business submodule in...
  Moderate, Unreviewed. CVE-2023-1203 was published on Mar 10, 2023.

A flaw was found in libpng 1.6.38. A crafted PNG image can lead to a segmentation fault and...
  Moderate, Unreviewed. CVE-2022-3857 was published on Mar 7, 2023.

Kubernetes vulnerable to path traversal
  Moderate. CVE-2022-3162 was published for github.com/kubernetes/kubernetes (Go) on Mar 1, 2023.

Netty vulnerable to HTTP Response splitting from assigning header value iterator
  Moderate. CVE-2022-41915 was published for io.netty:netty-codec-http (Maven) on Dec 12, 2022.

HAProxyMessageDecoder Stack Exhaustion DoS
  Moderate. CVE-2022-41881 was published for io.netty:netty-codec-haproxy (Maven) on Dec 12, 2022.

IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an...
  Moderate, Unreviewed. CVE-2022-22483 was published on Sep 14, 2022.

Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may...
  Moderate, Unreviewed. CVE-2022-30944 was published on Aug 19, 2022.

Improper access control in firmware for Intel(R) AMT and Intel(R) Standard Manageability may...
  Moderate, Unreviewed. CVE-2022-28697 was published on Aug 19, 2022.

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer)....
  Moderate, Unreviewed. CVE-2022-21509 was published on Jul 20, 2022.

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General)....
  Moderate, Unreviewed. CVE-2022-21519 was published on Jul 20, 2022.

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PAM Auth Plugin)....
  Moderate, Unreviewed. CVE-2022-21455 was published on Jul 20, 2022.

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure)....
  Moderate, Unreviewed. CVE-2022-21534 was published on Jul 20, 2022.

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer)....
  Moderate, Unreviewed. CVE-2022-21529 was published on Jul 20, 2022.

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer)....
  Moderate, Unreviewed. CVE-2022-21526 was published on Jul 20, 2022.

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions...
  Moderate, Unreviewed. CVE-2022-21537 was published on Jul 20, 2022.

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions...
  Moderate, Unreviewed. CVE-2022-21517 was published on Jul 20, 2022.

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer)....
  Moderate, Unreviewed. CVE-2022-21525 was published on Jul 20, 2022.

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer)....
  Moderate, Unreviewed. CVE-2022-21527 was published on Jul 20, 2022.

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure)....
  Moderate, Unreviewed. CVE-2022-21522 was published on Jul 20, 2022.
ProTip! Advisories are also available from the GraphQL API