GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,167
Composer 4,339
Erlang 31
GitHub Actions 22
Go 2,099
Maven 5,272
npm 3,763
NuGet 678
pip 3,448
Pub 12
RubyGems 892
Rust 883
Swift 37

Unreviewed advisories

All unreviewed 242,854

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

111 advisories

Filter by severity

Sort by

Least recently updated

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will... High Unreviewed

CVE-2022-48493 was published Jun 19, 2023

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will... High Unreviewed

CVE-2022-48492 was published Jun 19, 2023

Active Debug Code vulnerability in Mitsubishi Electric Corporation MELSEC WS Series WS0-GETH00200... High Unreviewed

CVE-2023-1618 was published May 19, 2023

An Insecure Default Initialization of Resource vulnerability in Juniper Networks Junos OS Evolved... Moderate Unreviewed

CVE-2023-28978 was published Apr 18, 2023

In JetBrains IntelliJ IDEA before 2023.1 the bundled version of Chromium wasn't sandboxed. High Unreviewed

CVE-2022-48432 was published Mar 29, 2023

In multiple products of CODESYS v3 in multiple versions a remote low privileged user could... High Unreviewed

CVE-2022-4224 was published Mar 23, 2023

In JetBrains TeamCity before 2022.10.2 jVMTI was enabled by default on agents. Critical Unreviewed

CVE-2022-48342 was published Feb 23, 2023

An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation... Moderate Unreviewed

CVE-2022-47194 was published Jan 19, 2023

An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation... Moderate Unreviewed

CVE-2022-47196 was published Jan 19, 2023

A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution... High Unreviewed

CVE-2022-2196 was published Jan 9, 2023

In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to... Moderate Unreviewed

CVE-2022-20466 was published Dec 13, 2022

A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve... High Unreviewed

CVE-2022-3262 was published Dec 8, 2022

In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default... Moderate Unreviewed

CVE-2022-46831 was published Dec 8, 2022

Insecure default variable initialization in BIOS firmware for some Intel(R) NUC Boards and Intel... Moderate Unreviewed

CVE-2022-36349 was published Nov 11, 2022

Tinyproxy commit 84f203f and earlier does not process HTTP request lines in the process_request()... High Unreviewed

CVE-2022-40468 was published Sep 20, 2022

A flaw was found in servicemesh-operator. The NetworkPolicy resources installed for Maistra do... Critical Unreviewed

CVE-2021-3586 was published Aug 23, 2022

Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0... Moderate Unreviewed

CVE-2022-32480 was published Aug 23, 2022

In WiFi, there is a possible disclosure of WiFi password to the end user due to an insecure... Low Unreviewed

CVE-2022-20342 was published Aug 13, 2022

In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection... Critical Unreviewed

CVE-2022-31806 was published Jun 25, 2022

The Orca HCM digital learning platform uses a weak factory default administrator password, which... Critical Unreviewed

CVE-2021-35965 was published May 24, 2022

Dell EMC Integrated System for Microsoft Azure Stack Hub, versions 1906 – 2011, contain an... Critical Unreviewed

CVE-2021-21505 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive... Critical Unreviewed

CVE-2021-34795 was published May 24, 2022

nLight ECLYPSE (nECY) system Controllers running software prior to 1.17.21245.754 contain a... High Unreviewed

CVE-2021-40825 was published May 24, 2022

Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged... Moderate Unreviewed

CVE-2021-0114 was published May 24, 2022

Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged... Moderate Unreviewed

CVE-2021-0144 was published May 24, 2022

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

111 advisories