GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
9,758 advisories
Filter by severity
Adobe Character Animator version 4.4 (and earlier versions) are affected by an out-of-bounds read...
Low
Unreviewed
CVE-2021-40766
was published
Mar 17, 2022
Adobe Character Animator version 4.4 (and earlier versions) are affected by an out-of-bounds read...
Low
Unreviewed
CVE-2021-40769
was published
Mar 17, 2022
A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not...
Low
Unreviewed
CVE-2022-26354
was published
Mar 17, 2022
IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse...
Low
Unreviewed
CVE-2022-22348
was published
Mar 15, 2022
** DISPUTED ** An issue was discovered in OpenSSH before 8.9. If a client is using public-key...
Low
Unreviewed
CVE-2021-36368
was published
Mar 14, 2022
A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with...
Low
Unreviewed
CVE-2021-3981
was published
Mar 11, 2022
Unprotected Activity in AppLock prior to SMR Mar-2022 Release 1 allows attacker to change the...
Low
Unreviewed
CVE-2022-24929
was published
Mar 11, 2022
Improper authentication in One UI Home prior to SMR Mar-2022 Release 1 allows attacker to...
Low
Unreviewed
CVE-2022-25817
was published
Mar 11, 2022
Improper access control vulnerability in BixbyTouch prior to version 2.2.00.6 in China models...
Low
Unreviewed
CVE-2022-25824
was published
Mar 11, 2022
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows...
Low
Unreviewed
CVE-2022-25827
was published
Mar 11, 2022
Information Exposure vulnerability in Watch Active Plugin prior to version 2.2.07.22012751 allows...
Low
Unreviewed
CVE-2022-25828
was published
Mar 11, 2022
Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751...
Low
Unreviewed
CVE-2022-25829
was published
Mar 11, 2022
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741...
Low
Unreviewed
CVE-2022-25823
was published
Mar 11, 2022
Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows...
Low
Unreviewed
CVE-2022-25826
was published
Mar 11, 2022
Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751...
Low
Unreviewed
CVE-2022-25830
was published
Mar 11, 2022
Media Foundation Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22010.
Low
Unreviewed
CVE-2022-21977
was published
Mar 10, 2022
Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability.
Low
Unreviewed
CVE-2022-24465
was published
Mar 10, 2022
A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS...
Low
Unreviewed
CVE-2021-3716
was published
Mar 4, 2022
The Duplicate Page or Post WordPress plugin before 1.5.1 does not have any authorisation and has...
Low
Unreviewed
CVE-2021-25075
was published
Feb 22, 2022
The AnyComment WordPress plugin before 0.2.18 is affected by a race condition when liking...
Low
Unreviewed
CVE-2022-0279
was published
Feb 22, 2022
IBM Maximo Anywhere 7.6.4.0 applications could allow obfuscation of the application source code....
Low
Unreviewed
CVE-2019-4352
was published
Feb 17, 2022
The Ibtana WordPress plugin before 1.1.4.9 does not have authorisation and CSRF checks in the...
Low
Unreviewed
CVE-2021-25014
was published
Feb 15, 2022
A vulnerability using PendingIntent in Bixby Vision prior to versions 3.7.60.8 in Android S(12),...
Low
Unreviewed
CVE-2022-23434
was published
Feb 12, 2022
Improper access control vulnerability in Samsung SearchWidget prior to versions 2.3.00.6 in China...
Low
Unreviewed
CVE-2022-24923
was published
Feb 12, 2022
PendingIntent hijacking vulnerability in DataUsageReminderReceiver prior to SMR Feb-2022 Release...
Low
Unreviewed
CVE-2022-24000
was published
Feb 12, 2022
ProTip!
Advisories are also available from the
GraphQL API