GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,944
Composer 4,273
Erlang 31
GitHub Actions 21
Go 2,055
Maven 5,234
npm 3,739
NuGet 668
pip 3,417
Pub 12
RubyGems 891
Rust 872
Swift 36

Unreviewed advisories

All unreviewed 238,537

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

10,051 advisories

Filter by severity

Sort by

Least recently updated

Improper authentication in One UI Home prior to SMR Mar-2022 Release 1 allows attacker to... Low Unreviewed

CVE-2022-25817 was published Mar 11, 2022

Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751... Low Unreviewed

CVE-2022-25829 was published Mar 11, 2022

Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows... Low Unreviewed

CVE-2022-25827 was published Mar 11, 2022

Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741... Low Unreviewed

CVE-2022-25823 was published Mar 11, 2022

Information Exposure vulnerability in Watch Active Plugin prior to version 2.2.07.22012751 allows... Low Unreviewed

CVE-2022-25828 was published Mar 11, 2022

Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows... Low Unreviewed

CVE-2022-25826 was published Mar 11, 2022

Improper access control vulnerability in BixbyTouch prior to version 2.2.00.6 in China models... Low Unreviewed

CVE-2022-25824 was published Mar 11, 2022

Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751... Low Unreviewed

CVE-2022-25830 was published Mar 11, 2022

Media Foundation Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22010. Low Unreviewed

CVE-2022-21977 was published Mar 10, 2022

Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability. Low Unreviewed

CVE-2022-24465 was published Mar 10, 2022

A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS... Low Unreviewed

CVE-2021-3716 was published Mar 4, 2022

The Duplicate Page or Post WordPress plugin before 1.5.1 does not have any authorisation and has... Low Unreviewed

CVE-2021-25075 was published Feb 22, 2022

The AnyComment WordPress plugin before 0.2.18 is affected by a race condition when liking... Low Unreviewed

CVE-2022-0279 was published Feb 22, 2022

IBM Maximo Anywhere 7.6.4.0 applications could allow obfuscation of the application source code.... Low Unreviewed

CVE-2019-4352 was published Feb 17, 2022

The Ibtana WordPress plugin before 1.1.4.9 does not have authorisation and CSRF checks in the... Low Unreviewed

CVE-2021-25014 was published Feb 15, 2022

A vulnerability using PendingIntent in Bixby Vision prior to versions 3.7.60.8 in Android S(12),... Low Unreviewed

CVE-2022-23434 was published Feb 12, 2022

Improper access control vulnerability in Samsung SearchWidget prior to versions 2.3.00.6 in China... Low Unreviewed

CVE-2022-24923 was published Feb 12, 2022

PendingIntent hijacking vulnerability in DataUsageReminderReceiver prior to SMR Feb-2022 Release... Low Unreviewed

CVE-2022-24000 was published Feb 12, 2022

PendingIntent hijacking vulnerability in CpaReceiver prior to SMR Feb-2022 Release 1 allows local... Low Unreviewed

CVE-2022-23999 was published Feb 12, 2022

Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-43242. Low Unreviewed

CVE-2021-42320 was published Feb 11, 2022

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ... Low Unreviewed

CVE-2022-21248 was published Feb 11, 2022

An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets... Low Unreviewed

CVE-2022-24448 was published Feb 10, 2022

In ArangoDB, versions v3.7.0 through v3.9.0-alpha.1 have a feature which allows downloading a... Low Unreviewed

CVE-2021-25939 was published Feb 10, 2022

Full list of recipients from customer users in a contact field could be disclosed in notification... Low Unreviewed

CVE-2022-0474 was published Feb 8, 2022

A CWE-331: Insufficient Entropy vulnerability exists that could cause unintended connection from... Low Unreviewed

CVE-2021-22799 was published Jan 29, 2022

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

10,051 advisories