Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,076
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+

70 advisories

Loading
IBM PowerSC 1.3, 2.0, and 2.1 may allow a remote attacker to view session identifiers passed via... Low Unreviewed
CVE-2023-50328 was published Feb 2, 2024
A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session... Low Unreviewed
CVE-2023-4217 was published Nov 2, 2023
Authenticated clients can read arbitrary files on the MAIN Computer system using the remote... Low Unreviewed
CVE-2023-2622 was published Nov 1, 2023
The vulnerability is to theft of arbitrary files with system privilege in the Screen recording (... Low Unreviewed
CVE-2023-44124 was published Sep 27, 2023
Secret displayed without masking by Chef Identity Plugin Low
CVE-2023-39155 was published for org.jenkins-ci.plugins:chef-identity (Maven) Jul 26, 2023
Nomad Caller ACL Token’s Secret ID is Exposed to Sentinel Low
CVE-2023-3299 was published for github.com/hashicorp/nomad (Go) Jul 20, 2023
anonymous4ACL24
The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5,... Low Unreviewed
CVE-2023-32394 was published Jun 23, 2023
Unauthenticated user can have information about hidden users on subwikis through uorgsuggest.vm Low
CVE-2023-29203 was published for org.xwiki.platform:xwiki-platform-web-templates (Maven) Apr 12, 2023
Mattermost fails to honor the ShowEmailAddress setting when constructing a response to the ... Low Unreviewed
CVE-2023-27265 was published Feb 27, 2023
RestEasy Reactive implementation of Quarkus allows Creation of Temporary File With Insecure Permissions Low
CVE-2023-0481 was published for io.quarkus.resteasy.reactive:resteasy-reactive-common (Maven) Feb 24, 2023
joshbressers
PowerPath Management Appliance with versions 3.3, 3.2*, 3.1 & 3.0* contains sensitive information... Low Unreviewed
CVE-2022-34452 was published Feb 10, 2023
Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access... Low Unreviewed
CVE-2023-21438 was published Feb 9, 2023
Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local... Low Unreviewed
CVE-2023-21447 was published Feb 9, 2023
lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer... Low Unreviewed
CVE-2022-47952 was published Jan 1, 2023
In various functions of ap_input_processor.c, there is a possible way to record audio during a... Low Unreviewed
CVE-2022-20562 was published Dec 21, 2022
In multiple locations of WifiDialogActivity.java, there is a possible limited lockscreen bypass... Low Unreviewed
CVE-2022-20529 was published Dec 20, 2022
In enforceVisualVoicemailPackage of PhoneInterfaceManager.java, there is a possible leak of... Low Unreviewed
CVE-2022-20525 was published Dec 20, 2022
Temporary File Information Disclosure vulnerability in MPXJ Low
CVE-2022-41954 was published for mpxj (Maven) Nov 28, 2022
JLLeitschuh jkmartindale
Improper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to SMR Nov-2022... Low Unreviewed
CVE-2022-39886 was published Nov 10, 2022
"IBM Robotic Process Automation for Cloud Pak 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is... Low Unreviewed
CVE-2022-42442 was published Nov 4, 2022
Improper access control vulnerability in QuickShare prior to version 13.2.3.5 allows attackers to... Low Unreviewed
CVE-2022-39860 was published Oct 7, 2022
In BigBlueButton before 2.2.7, lockSettingsProps.disablePrivateChat does not apply to already... Low Unreviewed
CVE-2020-27601 was published Sep 30, 2022
In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An... Low Unreviewed
CVE-2022-37703 was published Sep 14, 2022
IBM Planning Analytics Local 2.0 allows web pages to be stored locally which can be read by... Low Unreviewed
CVE-2022-22314 was published Sep 9, 2022
In Splunk Enterprise versions in the following table, an authenticated user can craft a dashboard... Low Unreviewed
CVE-2022-37438 was published Aug 17, 2022
ProTip! Advisories are also available from the GraphQL API