Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

119 advisories

Loading
Electron webPreferences vulnerability can be used to perform remote code execution High
CVE-2018-15685 was published for electron (npm) Aug 23, 2018
In miniadb, there is a possible way to get read/write access to recovery system properties due to... High Unreviewed
CVE-2021-39767 was published Mar 31, 2022
Insecure Default Initialization of Resource in Pivotal Spring Web Flow Moderate
CVE-2017-4971 was published for org.springframework.webflow:spring-webflow (Maven) May 13, 2022
A vulnerability has been identified in SIMATIC PCS 7 V9.0 and earlier (All versions), SIMATIC PCS... High Unreviewed
CVE-2022-24287 was published May 21, 2022
Insecure Default Initialization of Resource in Pivotal Spring Web Flow Moderate
CVE-2017-8039 was published for org.springframework.webflow:spring-webflow (Maven) May 13, 2022
WildFly vulnerable to Insecure Default Initialization of Resource High
CVE-2022-1278 was published for org.wildfly.bom:wildfly (Maven) Sep 14, 2022
In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection... Critical Unreviewed
CVE-2022-31806 was published Jun 25, 2022
Insecure default variable initialization in BIOS firmware for some Intel(R) NUC Boards and Intel... Moderate Unreviewed
CVE-2022-36349 was published Nov 11, 2022
A vulnerability in SonicWall Global Management System (GMS), allow a remote user to gain access... High Unreviewed
CVE-2019-7476 was published May 24, 2022
A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric... Critical Unreviewed
CVE-2019-1804 was published May 24, 2022
A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve... High Unreviewed
CVE-2022-3262 was published Dec 8, 2022
In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default... Moderate Unreviewed
CVE-2022-46831 was published Dec 8, 2022
In WiFi, there is a possible disclosure of WiFi password to the end user due to an insecure... Low Unreviewed
CVE-2022-20342 was published Aug 13, 2022
In processPhonebookAccess of CachedBluetoothDevice.java, there is a possible permission bypass... Low Unreviewed
CVE-2019-2197 was published May 24, 2022
Lansweeper 6.0.x through 7.2.x has a default installation in which the admin password is... High Unreviewed
CVE-2020-14011 was published May 24, 2022
Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0... Moderate Unreviewed
CVE-2022-32480 was published Aug 23, 2022
Insecure default variable initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows... Moderate Unreviewed
CVE-2020-12327 was published May 24, 2022
Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions... Moderate Unreviewed
CVE-2020-8705 was published May 24, 2022
In permission declarations of DeviceAdminReceiver.java, there is a possible lack of broadcast... High Unreviewed
CVE-2021-0534 was published May 24, 2022
Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged... Moderate Unreviewed
CVE-2021-0144 was published May 24, 2022
Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged... Moderate Unreviewed
CVE-2021-0114 was published May 24, 2022
nLight ECLYPSE (nECY) system Controllers running software prior to 1.17.21245.754 contain a... High Unreviewed
CVE-2021-40825 was published May 24, 2022
The Orca HCM digital learning platform uses a weak factory default administrator password, which... Critical Unreviewed
CVE-2021-35965 was published May 24, 2022
Dell EMC Integrated System for Microsoft Azure Stack Hub, versions 1906 – 2011, contain an... Critical Unreviewed
CVE-2021-21505 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive... Critical Unreviewed
CVE-2021-34795 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API