GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
6,058 advisories
Filter by severity
Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A...
Moderate
Unreviewed
CVE-2022-23158
was published
Apr 2, 2022
Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A...
Moderate
Unreviewed
CVE-2022-23157
was published
Apr 2, 2022
The JobMonster Theme was vulnerable to Directory Listing in the /wp-content/uploads/jobmonster/...
Moderate
Unreviewed
CVE-2022-1166
was published
Apr 5, 2022
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in...
Moderate
Unreviewed
CVE-2021-43205
was published
Apr 7, 2022
Apperta Foundation OpenEyes 3.5.1 allows remote attackers to view the sensitive information of...
Moderate
Unreviewed
CVE-2021-40375
was published
Apr 7, 2022
Zoho ManageEngine ServiceDesk Plus before 13001 allows anyone to know the organisation's default...
Moderate
Unreviewed
CVE-2022-25245
was published
Apr 6, 2022
The CCAgent option 9.0.8.4 and earlier in the management server (aka TSA) component in Alcatel...
Moderate
Unreviewed
CVE-2010-3280
was published
May 17, 2022
IBM Aspera High-Speed Transfer 4.3.1 and earlier could allow an authenticated user to obtain...
Moderate
Unreviewed
CVE-2022-22391
was published
Apr 15, 2022
An issue was discovered in Amazon AWS VPN Client 2.0.0. It is possible to include a UNC path in...
Moderate
Unreviewed
CVE-2022-25166
was published
Apr 15, 2022
The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly restrict the...
Moderate
Unreviewed
CVE-2015-3766
was published
May 17, 2022
Sensitive Information Exposure in E4J s.r.l. VikBooking Hotel Booking Engine & PMS plugin <= 1.5...
Moderate
Unreviewed
CVE-2022-27863
was published
Apr 20, 2022
ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an...
Moderate
Unreviewed
CVE-2015-5782
was published
May 17, 2022
CloudKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to access an iCloud...
Moderate
Unreviewed
CVE-2015-3782
was published
May 17, 2022
Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to read...
Moderate
Unreviewed
CVE-2015-3784
was published
May 17, 2022
A vulnerability in the XSI-Actions interface of Cisco BroadWorks Application Server could allow...
Moderate
Unreviewed
CVE-2021-1562
was published
May 24, 2022
Exposure of Sensitive Information to an Unauthorized Actor in DisCatSharp
Moderate
CVE-2022-24849
was published
for
DisCatSharp
(NuGet)
Apr 22, 2022
Exposure of Sensitive Information to an Unauthorized Actor in nanoid
Moderate
CVE-2021-23566
was published
for
nanoid
(npm)
Jan 21, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch
Moderate
CVE-2018-17244
was published
for
org.elasticsearch:elasticsearch
(Maven)
May 13, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Moderate
CVE-2018-1000169
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 14, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Apache Hadoop
Moderate
CVE-2016-5001
was published
for
org.apache.hadoop:hadoop-common
(Maven)
May 13, 2022
Exposure of Sensitive Information to an Unauthorized Actor Jenkins Script Security Plugin
Moderate
CVE-2017-1000505
was published
for
org.jenkins-ci.plugins:script-security
(Maven)
May 14, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Moderate
CVE-2018-1000192
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 13, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Apache Hadoop
Moderate
CVE-2015-1776
was published
for
org.apache.hadoop:hadoop-common
(Maven)
May 17, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Moderate
CVE-2017-2609
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 13, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Oracle MySQL Connectors Java
Moderate
CVE-2017-3586
was published
for
mysql:mysql-connector-java
(Maven)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API