GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,587
Composer 4,205
Erlang 31
GitHub Actions 19
Go 1,988
Maven 5,170
npm 3,704
NuGet 661
pip 3,332
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,231

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

132 advisories

Filter by severity

Sort by

Least recently updated

Electron webPreferences vulnerability can be used to perform remote code execution High

CVE-2018-15685 was published for electron (npm) Aug 23, 2018

In miniadb, there is a possible way to get read/write access to recovery system properties due to... High Unreviewed

CVE-2021-39767 was published Mar 31, 2022

Insecure Default Initialization of Resource in Pivotal Spring Web Flow Moderate

CVE-2017-4971 was published for org.springframework.webflow:spring-webflow (Maven) May 13, 2022

A vulnerability has been identified in SIMATIC PCS 7 V9.0 and earlier (All versions), SIMATIC PCS... High Unreviewed

CVE-2022-24287 was published May 21, 2022

Insecure Default Initialization of Resource in Pivotal Spring Web Flow Moderate

CVE-2017-8039 was published for org.springframework.webflow:spring-webflow (Maven) May 13, 2022

WildFly vulnerable to Insecure Default Initialization of Resource High

CVE-2022-1278 was published for org.wildfly.bom:wildfly (Maven) Sep 14, 2022

In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection... Critical Unreviewed

CVE-2022-31806 was published Jun 25, 2022

Insecure default variable initialization in BIOS firmware for some Intel(R) NUC Boards and Intel... Moderate Unreviewed

CVE-2022-36349 was published Nov 11, 2022

A vulnerability in SonicWall Global Management System (GMS), allow a remote user to gain access... High Unreviewed

CVE-2019-7476 was published May 24, 2022

A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric... Critical Unreviewed

CVE-2019-1804 was published May 24, 2022

A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve... High Unreviewed

CVE-2022-3262 was published Dec 8, 2022

In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default... Moderate Unreviewed

CVE-2022-46831 was published Dec 8, 2022

In WiFi, there is a possible disclosure of WiFi password to the end user due to an insecure... Low Unreviewed

CVE-2022-20342 was published Aug 13, 2022

In processPhonebookAccess of CachedBluetoothDevice.java, there is a possible permission bypass... Low Unreviewed

CVE-2019-2197 was published May 24, 2022

Lansweeper 6.0.x through 7.2.x has a default installation in which the admin password is... High Unreviewed

CVE-2020-14011 was published May 24, 2022

Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0... Moderate Unreviewed

CVE-2022-32480 was published Aug 23, 2022

Insecure default variable initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows... Moderate Unreviewed

CVE-2020-12327 was published May 24, 2022

Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions... Moderate Unreviewed

CVE-2020-8705 was published May 24, 2022

In permission declarations of DeviceAdminReceiver.java, there is a possible lack of broadcast... High Unreviewed

CVE-2021-0534 was published May 24, 2022

Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged... Moderate Unreviewed

CVE-2021-0144 was published May 24, 2022

Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged... Moderate Unreviewed

CVE-2021-0114 was published May 24, 2022

nLight ECLYPSE (nECY) system Controllers running software prior to 1.17.21245.754 contain a... High Unreviewed

CVE-2021-40825 was published May 24, 2022

The Orca HCM digital learning platform uses a weak factory default administrator password, which... Critical Unreviewed

CVE-2021-35965 was published May 24, 2022

Dell EMC Integrated System for Microsoft Azure Stack Hub, versions 1906 – 2011, contain an... Critical Unreviewed

CVE-2021-21505 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive... Critical Unreviewed

CVE-2021-34795 was published May 24, 2022

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

132 advisories