GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,408

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

221 advisories

Filter by severity

Sort by

Least recently updated

Trend Micro Security 2021 v17.0 (Consumer) contains a vulnerability that allows files inside the... Moderate Unreviewed

CVE-2021-43772 was published Dec 4, 2021

Insecure caller check in sharevia deeplink logic prior to Samsung Internet 16.0.2 allows... Low Unreviewed

CVE-2021-25521 was published Dec 9, 2021

A denial-of-service vulnerability in Database Security (DBS) prior to 4.8.4 allows a remote... Moderate Unreviewed

CVE-2021-31850 was published Dec 9, 2021

In Bus Pass Management System v1.0, Directory Listing/Browsing is enabled on the web server which... High Unreviewed

CVE-2021-44315 was published Dec 17, 2021

An implicit Intent hijacking vulnerability in Dialer prior to SMR Jan-2022 Release 1 allows... Moderate Unreviewed

CVE-2022-22270 was published Jan 11, 2022

Keeping sensitive data in unprotected BluetoothSettingsProvider prior to SMR Jan-2022 Release 1... Low Unreviewed

CVE-2022-22269 was published Jan 11, 2022

Implicit Intent hijacking vulnerability in ActivityMetricsLogger prior to SMR Jan-2022 Release 1... Low Unreviewed

CVE-2022-22267 was published Jan 11, 2022

Incorrect implementation of Knox Guard prior to SMR Jan-2022 Release 1 allows physically... Moderate Unreviewed

CVE-2022-22268 was published Jan 11, 2022

An issue has been discovered in GitLab CE/EE affecting all versions starting with 14.5. Arbitrary... High Unreviewed

CVE-2022-0244 was published Jan 19, 2022

An information disclosure vulnerability exists due to a web server misconfiguration in the... High Unreviewed

CVE-2022-21236 was published Jan 29, 2022

The RVM WordPress plugin before 6.4.2 does not have proper authorisation, CSRF checks and... Moderate Unreviewed

CVE-2021-24947 was published Feb 8, 2022

The SEUR Oficial WordPress plugin before 1.7.2 creates a PHP file with a random name when... Moderate Unreviewed

CVE-2021-25004 was published Feb 8, 2022

In taocms 3.0.1 after logging in to the background, there is an Arbitrary file download... Moderate Unreviewed

CVE-2021-44983 was published Feb 9, 2022

An issue was discovered in taoCMS v3.0.2. There is an arbitrary file read vulnerability that can... Moderate Unreviewed

CVE-2022-23316 was published Feb 9, 2022

In Mahara 20.10 before 20.10.4, 21.04 before 21.04.3, and 21.10 before 21.10.1, the names of... Moderate Unreviewed

CVE-2022-24694 was published Feb 10, 2022

This affects the package cesanta/mongoose before 7.6. The unsafe handling of file names during... High Unreviewed

CVE-2022-25299 was published Feb 19, 2022

This affects the package drogonframework/drogon before 1.7.5. The unsafe handling of file names... High Unreviewed

CVE-2022-25297 was published Feb 22, 2022

HorizontCMS v1.0.0-beta.2 was discovered to contain an arbitrary file download vulnerability via... High Unreviewed

CVE-2022-25104 was published Feb 25, 2022

Archeevo below 5.0 is affected by local file inclusion through file=~/web.config to allow an... High Unreviewed

CVE-2022-23377 was published Mar 2, 2022

CuppaCMS v1.0 was discovered to contain an arbitrary file read via the copy function. Moderate Unreviewed

CVE-2022-25497 was published Mar 16, 2022

Whale browser before 3.12.129.18 allowed extensions to replace JavaScript files of the HWP viewer... Moderate Unreviewed

CVE-2022-24075 was published Mar 18, 2022

74cmsSE v3.4.1 was discovered to contain an arbitrary file read vulnerability via the $url... High Unreviewed

CVE-2022-26271 was published Mar 29, 2022

Movie Seat Reservation v1 was discovered to contain an unauthenticated file disclosure... High Unreviewed

CVE-2022-28002 was published Apr 9, 2022

Asana Desktop before 1.6.0 allows remote attackers to exfiltrate local files if they can trick... Moderate Unreviewed

CVE-2022-26877 was published Apr 10, 2022

A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R(11.0)... High Unreviewed

CVE-2022-27837 was published Apr 12, 2022

Previous 1 2 3 4 5 … 8 9 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

221 advisories