Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,413
Erlang
28
GitHub Actions
16
Go
1,651
Maven
4,914
npm
3,437
NuGet
594
pip
2,782
Pub
10
RubyGems
822
Rust
760
Swift
34
Unreviewed advisories
All unreviewed
5,000+

23 advisories

Local information disclosure via system temporary directory Moderate
CVE-2021-28168 was published for org.glassfish.jersey.core:jersey-common (Maven) Apr 23, 2021
JLLeitschuh
Local Information Disclosure Vulnerability in io.netty:netty-codec-http Moderate
CVE-2022-24823 was published for io.netty:netty-codec-http (Maven) May 10, 2022
JLLeitschuh
A Creation of Temporary File With Insecure Permissions vulnerability in hawk2 of SUSE Linux... High Unreviewed
CVE-2021-25314 was published May 24, 2022
Generated Code Contains Local Information Disclosure Vulnerability Moderate
CVE-2021-21364 was published for io.swagger:swagger-codegen (Maven) Mar 11, 2021
JLLeitschuh
Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect... High Unreviewed
CVE-2021-1496 was published May 24, 2022
Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect... High Unreviewed
CVE-2021-1426 was published May 24, 2022
Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect... High Unreviewed
CVE-2021-1428 was published May 24, 2022
Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect... High Unreviewed
CVE-2021-1430 was published May 24, 2022
Creation of Temporary File in Directory with Insecure Permissions in auto-generated Java, Scala code Moderate
CVE-2021-21430 was published for org.openapitools:openapi-generator (Maven) May 11, 2021
JLLeitschuh
Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect... High Unreviewed
CVE-2021-1429 was published May 24, 2022
Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect... High Unreviewed
CVE-2021-1427 was published May 24, 2022
Local Information Disclosure Vulnerability Low
CVE-2021-21331 was published for com.datadoghq:datadog-api-client (Maven) Mar 3, 2021
JLLeitschuh oliverchang
Generator Web Application: Local Privilege Escalation Vulnerability via System Temp Directory Low
CVE-2021-21363 was published for io.swagger:swagger-codegen (Maven) Mar 11, 2021
JLLeitschuh
Creation of Temporary File in Directory with Insecure Permissions in the OpenAPI Generator Maven plugin Moderate
CVE-2021-21429 was published for org.openapitools:openapi-generator-maven-plugin (Maven) Apr 29, 2021
JLLeitschuh
Insecure Temporary File in RESTEasy Moderate
CVE-2023-0482 was published for org.jboss.resteasy:resteasy-undertow (Maven) Feb 18, 2023
Creation of Temporary File in Directory with Insecure Permissions in the OpenAPI-Generator online generator Critical
CVE-2021-21428 was published for org.openapitools:openapi-generator-online (Maven) May 11, 2021
JLLeitschuh
Local Information Disclosure Vulnerability in Netty on Unix-Like systems Moderate
CVE-2021-21290 was published for io.netty:netty (Maven) Feb 8, 2021
JLLeitschuh westonsteimel
Creation of Temporary File With Insecure Permissions in logilab-commons Moderate
CVE-2014-1839 was published for logilab-common (pip) May 14, 2022
Information Disclosure in Guava Low
CVE-2020-8908 was published for com.google.guava:guava (Maven) Mar 25, 2021
joshbressers
RestEasy Reactive implementation of Quarkus allows Creation of Temporary File With Insecure Permissions Low
CVE-2023-0481 was published for io.quarkus.resteasy.reactive:resteasy-reactive-common (Maven) Feb 24, 2023
joshbressers
Local Temp Directory Hijacking Vulnerability High
CVE-2020-27216 was published for org.eclipse.jetty:jetty-webapp (Maven) Nov 4, 2020
JLLeitschuh timtebeek
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The `i2c` mutex... Low Unreviewed
CVE-2023-27408 was published May 9, 2023
A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the... Moderate Unreviewed
CVE-2023-6917 was published Feb 28, 2024
ProTip! Advisories are also available from the GraphQL API