GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,224
Erlang: 31
GitHub Actions: 19
Go: 1,990
Maven: 5,000+
npm: 3,706
NuGet: 661
pip: 3,336
Pub: 11
RubyGems: 884
Rust: 845
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
103 advisories

Trend Micro Security 2021 v17.0 (Consumer) contains a vulnerability that allows files inside the...
Moderate | Unreviewed | CVE-2021-43772 | published Dec 4, 2021

A denial-of-service vulnerability in Database Security (DBS) prior to 4.8.4 allows a remote...
Moderate | Unreviewed | CVE-2021-31850 | published Dec 9, 2021

An implicit Intent hijacking vulnerability in Dialer prior to SMR Jan-2022 Release 1 allows...
Moderate | Unreviewed | CVE-2022-22270 | published Jan 11, 2022

Incorrect implementation of Knox Guard prior to SMR Jan-2022 Release 1 allows physically...
Moderate | Unreviewed | CVE-2022-22268 | published Jan 11, 2022

The RVM WordPress plugin before 6.4.2 does not have proper authorisation, CSRF checks and...
Moderate | Unreviewed | CVE-2021-24947 | published Feb 8, 2022

The SEUR Oficial WordPress plugin before 1.7.2 creates a PHP file with a random name when...
Moderate | Unreviewed | CVE-2021-25004 | published Feb 8, 2022

In taocms 3.0.1 after logging in to the background, there is an Arbitrary file download...
Moderate | Unreviewed | CVE-2021-44983 | published Feb 9, 2022

An issue was discovered in taoCMS v3.0.2. There is an arbitrary file read vulnerability that can...
Moderate | Unreviewed | CVE-2022-23316 | published Feb 9, 2022

In Mahara 20.10 before 20.10.4, 21.04 before 21.04.3, and 21.10 before 21.10.1, the names of...
Moderate | Unreviewed | CVE-2022-24694 | published Feb 10, 2022

CuppaCMS v1.0 was discovered to contain an arbitrary file read via the copy function.
Moderate | Unreviewed | CVE-2022-25497 | published Mar 16, 2022

Whale browser before 3.12.129.18 allowed extensions to replace JavaScript files of the HWP viewer...
Moderate | Unreviewed | CVE-2022-24075 | published Mar 18, 2022

Asana Desktop before 1.6.0 allows remote attackers to exfiltrate local files if they can trick...
Moderate | Unreviewed | CVE-2022-26877 | published Apr 10, 2022

KiteCMS v1.1.1 was discovered to contain an arbitrary file read vulnerability via the background...
Moderate | Unreviewed | CVE-2022-28445 | published Apr 22, 2022

NEXTWEB (i)Site stores databases under the web document root with insufficient access control,...
Moderate | Unreviewed | CVE-2005-1835 | published May 1, 2022

Digitaldesign CMS 0.1 stores sensitive information under the web root with insufficient access...
Moderate | Unreviewed | CVE-2009-3597 | published May 2, 2022

An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1...
Moderate | Unreviewed | CVE-2017-2621 | published May 3, 2022

SolarView Compact ver.6.00 was discovered to contain a local file disclosure via /html/Solar_Ftp...
Moderate | Unreviewed | CVE-2022-29302 | published May 13, 2022

An accessibility flaw was found in the OpenStack Workflow (mistral) service where a service log...
Moderate | Unreviewed | CVE-2017-2622 | published May 13, 2022

The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr...
Moderate | Unreviewed | CVE-2015-1350 | published May 13, 2022

IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an...
Moderate | Unreviewed | CVE-2017-1602 | published May 13, 2022

Microsoft Windows 10 allows an elevation of privilege vulnerability when the Windows Update...
Moderate | Unreviewed | CVE-2017-11829 | published May 13, 2022

IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0 could allow an authenticated...
Moderate | Unreviewed | CVE-2017-1308 | published May 13, 2022

A vulnerability in Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS...
Moderate | Unreviewed | CVE-2017-6774 | published May 13, 2022

An issue was discovered in certain Apple products. iTunes before 12.7 is affected. The issue...
Moderate | Unreviewed | CVE-2017-7079 | published May 13, 2022

cmseasy V7.7.5_20211012 is affected by an arbitrary file read vulnerability. After login, the...
Moderate | Unreviewed | CVE-2021-42644 | published May 18, 2022

ProTip! Advisories are also available from the GraphQL API.