GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,750
Maven: 5,000+
npm: 4,355
NuGet: 765
pip: 4,115
Pub: 12
RubyGems: 960
Rust: 1,069
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
11,192 advisories
Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory... Low Unreviewed
CVE-2023-20528 was published Jan 11, 2023
yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by... Low Unreviewed
CVE-2020-12872 was published May 24, 2022
In createAdminSupportIntent of DevicePolicyManagerService.java, there is a possible way to... Low Unreviewed
CVE-2021-0983 was published Dec 16, 2021
Unprotected Activity in AppLock prior to SMR Mar-2022 Release 1 allows attacker to change the... Low Unreviewed
CVE-2022-24929 was published Mar 11, 2022
IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse... Low Unreviewed
CVE-2022-22348 was published Mar 15, 2022
** DISPUTED ** An issue was discovered in OpenSSH before 8.9. If a client is using public-key... Low Unreviewed
CVE-2021-36368 was published Mar 14, 2022
Adobe Character Animator version 4.4 (and earlier versions) are affected by an out-of-bounds read... Low Unreviewed
CVE-2021-40769 was published Mar 17, 2022
Adobe Character Animator version 4.4 (and earlier versions) are affected by an out-of-bounds read... Low Unreviewed
CVE-2021-40766 was published Mar 17, 2022
Cross-site scripting (XSS) vulnerability in the Messaging module 6.x-2.x before 6.x-2.4 and 6.x-4... Low Unreviewed
CVE-2011-1066 was published May 17, 2022
lnsfw1.sys 6.0.2900.5512 in Look 'n' Stop Firewall 2.06p4 and 2.07 allows local users to cause a... Low Unreviewed
CVE-2011-0652 was published May 17, 2022
The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java... Low Unreviewed
CVE-2011-0311 was published May 17, 2022
HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) 4.91.00 does not properly... Low Unreviewed
CVE-2011-0279 was published May 17, 2022
Oracle Solaris 8, 9, and 10 stores back-out patch files (undo.Z) unencrypted with world-readable... Low Unreviewed
CVE-2011-0412 was published May 17, 2022
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality and... Low Unreviewed
CVE-2010-4460 was published May 17, 2022
WebKit in Apple Safari before 5.0.4, when the Web Inspector is used, does not properly handle the... Low Unreviewed
CVE-2011-0169 was published May 17, 2022
Linux kernel 2.6.33 and 2.6.34.y does not initialize the kvm_vcpu_events->interrupt.pad structure... Low Unreviewed
CVE-2010-4525 was published May 17, 2022
An authentication issue was addressed with improved state management. This issue is fixed in... Low Unreviewed
CVE-2022-22656 was published Mar 19, 2022
An insecure permissions vulnerability in Snapt Aria v12.8 allows unauthenticated attackers to... Low Unreviewed
CVE-2022-24236 was published Mar 22, 2022
An issue with app access to camera metadata was addressed with improved logic. This issue is... Low Unreviewed
CVE-2022-22598 was published Mar 19, 2022
Description: A permissions issue was addressed with improved validation. This issue is fixed in... Low Unreviewed
CVE-2022-22599 was published Mar 19, 2022
Philips Gemini PET/CT family software stores sensitive information in a removable media device... Low Unreviewed
CVE-2021-27456 was published Mar 24, 2022
A vulnerability classified as problematic has been found in Mirmay Secure Private Browser and... Low Unreviewed
CVE-2018-25030 was published Mar 29, 2022
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10... Low Unreviewed
CVE-2010-4420 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 and 7.2 allows local users... Low Unreviewed
CVE-2010-4431 was published May 17, 2022
The PayPal app before 3.0.1 for iOS does not verify that the server hostname matches the domain... Low Unreviewed
CVE-2010-4211 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API