Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,132
Erlang
29
GitHub Actions
19
Go
1,937
Maven
5,000+
npm
3,676
NuGet
642
pip
3,292
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

8,867 advisories

Loading
An information exposure vulnerability exists in the Palo Alto Networks GlobalProtect app on... Moderate Unreviewed
CVE-2022-0018 was published Feb 11, 2022
A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow... Moderate Unreviewed
CVE-2022-20680 was published Feb 11, 2022
Insecure template handling in Express-handlebars High
CVE-2021-32820 was published for express-handlebars (npm) Feb 10, 2022
Apache CXF JMX Integration is vulnerable to a MITM attack Moderate
CVE-2020-1954 was published for org.apache.cxf:cxf-rt-management (Maven) Feb 10, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Concord High
CVE-2020-10591 was published for com.walmartlabs.concord.docker:concord-common (Maven) Feb 10, 2022
AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted... Moderate Unreviewed
CVE-2020-12966 was published Feb 10, 2022
IBM OPENBMC OP920, OP930, and OP940 could allow an unauthenticated user to obtain sensitive... High Unreviewed
CVE-2021-38960 was published Feb 10, 2022
Exposure of Sensitive Information to an Unauthorized Actor in follow-redirects Moderate
CVE-2022-0536 was published for follow-redirects (npm) Feb 10, 2022
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS... High Unreviewed
CVE-2021-40360 was published Feb 10, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat Moderate
CVE-2020-13943 was published for org.apache.tomcat:tomcat-coyote (Maven) Feb 9, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat High
CVE-2020-17527 was published for org.apache.tomcat:tomcat-coyote (Maven) Feb 9, 2022
sunSUNQ
Credentials bypass in Apache Druid Moderate
CVE-2020-1958 was published for org.apache.druid:druid (Maven) Feb 9, 2022
Information exposure in xwiki-platform Moderate
CVE-2022-23619 was published for org.xwiki.platform:xwiki-platform-web (Maven) Feb 9, 2022
Apache Hive Information Exposure and Observable Timing Discrepancy Moderate
CVE-2020-1926 was published for org.apache.hive:hive (Maven) Feb 9, 2022
Unauthorized access to Class instance in Jinjava Moderate
CVE-2020-12668 was published for com.hubspot.jinjava:jinjava (Maven) Feb 9, 2022
Exposure of sensitive information to an unauthorized actor vulnerability in Web Server in... High Unreviewed
CVE-2022-22680 was published Feb 8, 2022
XMPie uStore 12.3.7244.0 allows for administrators to generate reports based on raw SQL queries.... High Unreviewed
CVE-2022-23320 was published Feb 8, 2022
Full list of recipients from customer users in a contact field could be disclosed in notification... Low Unreviewed
CVE-2022-0474 was published Feb 8, 2022
Cookie and header exposure in twisted High
CVE-2022-21712 was published for twisted (pip) Feb 7, 2022
ranjit-git alex
twm
Path traversal and dereference of symlinks in Argo CD High
CVE-2022-24348 was published for github.com/argoproj/argo-cd (Go) Feb 7, 2022
Hadoop token in temp file visible to all users in Apache Gobblin Moderate
CVE-2021-36151 was published for org.apache.gobblin:gobblin-core (Maven) Feb 6, 2022
Unsafe handling of user-specified cookies in treq Moderate
CVE-2022-23607 was published for treq (pip) Feb 1, 2022
glyph twm
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that... High Unreviewed
CVE-2021-22825 was published Jan 29, 2022
A CWE-200: Information Exposure vulnerability exists which could cause the troubleshooting... Moderate Unreviewed
CVE-2021-22815 was published Jan 29, 2022
Information Exposure vulnerability in Hitachi Energy LinkOne application, due to a... High Unreviewed
CVE-2021-40340 was published Jan 29, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database