GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,960
Composer 5,074
Erlang 39
GitHub Actions 38
Go 2,736
Maven 6,144
npm 4,336
NuGet 764
pip 4,110
Pub 12
RubyGems 960
Rust 1,068
Swift 45

Unreviewed advisories

All unreviewed 279,292

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,380 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Incorrect permission management in Devolutions Server before 2022.2 allows a new user with a... High Unreviewed

CVE-2022-33996 was published Jul 8, 2022

There is an unauthorized service in the system service. Since the component does not have... High Unreviewed

CVE-2022-20436 was published Oct 12, 2022

Improper use of a unique device ID in unprotected SecSoterService prior to SMR Jul-2022 Release 1... Low Unreviewed

CVE-2022-30753 was published Jul 13, 2022

An issue has been discovered in GitLab affecting all versions starting from 12.4 before 14.10.5,... Moderate Unreviewed

CVE-2022-2270 was published Jul 2, 2022

In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a... Low Unreviewed

CVE-2022-20310 was published Aug 13, 2022

In Content, there is a possible way to check if the given account exists on the device due to a... Moderate Unreviewed

CVE-2022-20300 was published Aug 13, 2022

Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows... Moderate Unreviewed

CVE-2022-30758 was published Jul 13, 2022

In Content, there is a possible way to check if an account exists on the device due to a missing... Moderate Unreviewed

CVE-2022-20301 was published Aug 13, 2022

IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information from... Moderate Unreviewed

CVE-2022-22424 was published Jul 21, 2022

In ActivityManager, there is a possible disclosure of installed packages due to a missing... Low Unreviewed

CVE-2022-20315 was published Aug 13, 2022

A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise... Low Unreviewed

CVE-2021-25317 was published May 24, 2022

In ContentService, there is a possible way to check if an account exists on the device due to a... Moderate Unreviewed

CVE-2022-20296 was published Aug 13, 2022

In ContentService, there is a possible way to determine if an account is on the device without... Moderate Unreviewed

CVE-2022-20303 was published Aug 13, 2022

In ContentService, there is a possible disclosure of available account types due to a missing... Low Unreviewed

CVE-2022-20305 was published Aug 13, 2022

In ContentService, there is a possible way to check if an account exists on the device due to a... Moderate Unreviewed

CVE-2022-20295 was published Aug 13, 2022

In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a... Low Unreviewed

CVE-2022-20311 was published Aug 13, 2022

In ContentService, there is a possible way to check if the given account exists on the device due... Moderate Unreviewed

CVE-2022-20299 was published Aug 13, 2022

In ContentService, there is a possible way to check if an account exists on the device due to a... Moderate Unreviewed

CVE-2022-20298 was published Aug 13, 2022

In WifiP2pManager, there is a possible toobtain WiFi P2P MAC address without user consent due to... Moderate Unreviewed

CVE-2022-20312 was published Aug 13, 2022

A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE... High Unreviewed

CVE-2022-31251 was published Sep 8, 2022

An issue in the installer of gvim 9.0.0000 allows authenticated attackers to execute arbitrary... High Unreviewed

CVE-2022-37173 was published Aug 31, 2022

The security descriptor of Measuresoft ScadaPro Server version 6.7 has inconsistent permissions,... High Unreviewed

CVE-2022-3263 was published Sep 25, 2022

In cta, there is a possible way to write permission usage records of an app due to a missing... High Unreviewed

CVE-2022-26429 was published Aug 2, 2022

Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a... Moderate Unreviewed

CVE-2020-6439 was published May 24, 2022

parse-server's session object properties can be updated by foreign user if object ID is known Moderate

CVE-2022-39225 was published for parse-server (npm) Sep 21, 2022

Previous 1…5…56 Next

Previous 1 2 3 4 5 6 7 … 55 56 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,380 advisories