Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,980
Erlang
29
GitHub Actions
16
Go
1,769
Maven
4,994
npm
3,540
NuGet
616
pip
3,113
Pub
10
RubyGems
838
Rust
787
Swift
34
Unreviewed advisories
All unreviewed
5,000+

51 advisories

Loading
XSS in the `altField` option of the Datepicker widget in jquery-ui Moderate
CVE-2021-41182 was published for jQuery.UI.Combined (RubyGems) Oct 26, 2021
esbena
XSS in the `of` option of the `.position()` util in jquery-ui Moderate
CVE-2021-41184 was published for jQuery.UI.Combined (RubyGems) Oct 26, 2021
esbena A-Fitz-Nelnet
XSS in `*Text` options of the Datepicker widget in jquery-ui Moderate
CVE-2021-41183 was published for jQuery.UI.Combined (RubyGems) Oct 26, 2021
esbena
Microsoft Outlook for Mac Security Feature Bypass Vulnerability. Moderate Unreviewed
CVE-2022-23280 was published Feb 10, 2022
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB... Moderate Unreviewed
CVE-2021-22040 was published Feb 17, 2022
VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB... Moderate Unreviewed
CVE-2021-22041 was published Feb 17, 2022
A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an... Moderate Unreviewed
CVE-2022-22276 was published Apr 28, 2022
A vulnerability in SonicOS SNMP service resulting exposure of Wireless Access Point sensitive... Moderate Unreviewed
CVE-2022-22277 was published Apr 28, 2022
Local Information Disclosure Vulnerability in io.netty:netty-codec-http Moderate
CVE-2022-24823 was published for io.netty:netty-codec-http (Maven) May 10, 2022
JLLeitschuh
Apache Tika vulnerable to uncontrolled memory consumption Moderate
CVE-2022-25169 was published for org.apache.tika:tika (Maven) May 17, 2022
Regular expression denial of service in apache tika Moderate
CVE-2022-30126 was published for org.apache.tika:tika (Maven) May 17, 2022
A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur... Moderate Unreviewed
CVE-2020-25723 was published May 24, 2022
A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs... Moderate Unreviewed
CVE-2021-20196 was published May 24, 2022
An Arbitrary Address Write issue in the Autodesk DWG application can allow a malicious user to... Moderate Unreviewed
CVE-2021-27043 was published May 24, 2022
Regular expression denial of service in apache tika Moderate
CVE-2022-30973 was published for org.apache.tika:tika-core (Maven) Jun 1, 2022
jkmartindale
Information Exposure vulnerability in My Account Settings of Devolutions Remote Desktop Manager... Moderate Unreviewed
CVE-2022-2221 was published Jun 28, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).... Moderate Unreviewed
CVE-2022-21553 was published Jul 20, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Federated).... Moderate Unreviewed
CVE-2022-21547 was published Jul 20, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).... Moderate Unreviewed
CVE-2022-21569 was published Jul 20, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).... Moderate Unreviewed
CVE-2022-21556 was published Jul 20, 2022
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General).... Moderate Unreviewed
CVE-2022-21550 was published Jul 20, 2022
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General).... Moderate Unreviewed
CVE-2022-21519 was published Jul 20, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PAM Auth Plugin).... Moderate Unreviewed
CVE-2022-21455 was published Jul 20, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure).... Moderate Unreviewed
CVE-2022-21534 was published Jul 20, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).... Moderate Unreviewed
CVE-2022-21529 was published Jul 20, 2022
ProTip! Advisories are also available from the GraphQL API