Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,343
Erlang
31
GitHub Actions
22
Go
2,107
Maven
5,000+
npm
3,764
NuGet
679
pip
3,452
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

1,666 advisories

Loading
Information Exposure in Apache Tapestry High
CVE-2021-30638 was published for org.apache.tapestry:tapestry-core (Maven) Mar 18, 2022
Exposure of Sensitive Information to an Unauthorized Actor in FreeTAKServer-UI High
CVE-2022-25512 was published for FreeTAKServer-UI (pip) Mar 12, 2022
Exposure of Sensitive Information to an Unauthorized Actor in PhpMyAdmin High
CVE-2022-0813 was published for phpmyadmin/phpmyadmin (Composer) Mar 11, 2022
Simple Diagnostics Agent - versions 1.0 (up to version 1.57.), allows an attacker to access... High Unreviewed
CVE-2022-22547 was published Mar 11, 2022
Incorrect Authorization in @uppy/companion High
CVE-2022-0528 was published for @uppy/companion (npm) Mar 4, 2022
containerd CRI plugin: Insecure handling of image volumes High
CVE-2022-23648 was published for github.com/containerd/containerd (Go) Mar 2, 2022
felixwilhelm
Cookie exposure in requestretry High
CVE-2022-0654 was published for requestretry (npm) Feb 24, 2022
Sensitive information disclosure discovered in wpDiscuz WordPress plugin (versions <= 7.3.11). High Unreviewed
CVE-2022-23984 was published Feb 22, 2022
The vulnerability discovered in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0... High Unreviewed
CVE-2022-23982 was published Feb 19, 2022
Exposure of server configuration in github.com/go-vela/server High
CVE-2020-26294 was published for github.com/go-vela/compiler (Go) Feb 15, 2022
matt-fevold wass3r
** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by information... High Unreviewed
CVE-2021-45421 was published Feb 15, 2022
A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of... High Unreviewed
CVE-2021-22785 was published Feb 12, 2022
Puma used with Rails may lead to Information Exposure High
CVE-2022-23634 was published for puma (RubyGems) Feb 11, 2022
byroot
Exposure of information in Action Pack High
CVE-2022-23633 was published for actionpack (RubyGems) Feb 11, 2022
byroot
An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019... High Unreviewed
CVE-2021-40159 was published Feb 11, 2022
SAP Adaptive Server Enterprise (ASE) - version 16.0, installation makes an entry in the system... High Unreviewed
CVE-2022-22528 was published Feb 11, 2022
Insecure template handling in Express-handlebars High
CVE-2021-32820 was published for express-handlebars (npm) Feb 10, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Concord High
CVE-2020-10591 was published for com.walmartlabs.concord:concord-common (Maven) Feb 10, 2022
binary-1024
IBM OPENBMC OP920, OP930, and OP940 could allow an unauthenticated user to obtain sensitive... High Unreviewed
CVE-2021-38960 was published Feb 10, 2022
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS... High Unreviewed
CVE-2021-40360 was published Feb 10, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat High
CVE-2020-17527 was published for org.apache.tomcat:tomcat-coyote (Maven) Feb 9, 2022
sunSUNQ
Exposure of sensitive information to an unauthorized actor vulnerability in Web Server in... High Unreviewed
CVE-2022-22680 was published Feb 8, 2022
XMPie uStore 12.3.7244.0 allows for administrators to generate reports based on raw SQL queries.... High Unreviewed
CVE-2022-23320 was published Feb 8, 2022
Cookie and header exposure in twisted High
CVE-2022-21712 was published for Twisted (pip) Feb 7, 2022
ranjit-git alex
twm
Path traversal and dereference of symlinks in Argo CD High
CVE-2022-24348 was published for github.com/argoproj/argo-cd (Go) Feb 7, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database