Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

98 advisories

Loading
In miniadb, there is a possible way to get read/write access to recovery system properties due to... High Unreviewed
CVE-2021-39767 was published Mar 31, 2022
A vulnerability has been identified in SIMATIC PCS 7 V9.0 and earlier (All versions), SIMATIC PCS... High Unreviewed
CVE-2022-24287 was published May 21, 2022
In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection... Critical Unreviewed
CVE-2022-31806 was published Jun 25, 2022
Insecure default variable initialization in BIOS firmware for some Intel(R) NUC Boards and Intel... Moderate Unreviewed
CVE-2022-36349 was published Nov 11, 2022
A vulnerability in SonicWall Global Management System (GMS), allow a remote user to gain access... High Unreviewed
CVE-2019-7476 was published May 24, 2022
A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric... Critical Unreviewed
CVE-2019-1804 was published May 24, 2022
A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve... High Unreviewed
CVE-2022-3262 was published Dec 8, 2022
In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default... Moderate Unreviewed
CVE-2022-46831 was published Dec 8, 2022
In WiFi, there is a possible disclosure of WiFi password to the end user due to an insecure... Low Unreviewed
CVE-2022-20342 was published Aug 13, 2022
In processPhonebookAccess of CachedBluetoothDevice.java, there is a possible permission bypass... Low Unreviewed
CVE-2019-2197 was published May 24, 2022
Lansweeper 6.0.x through 7.2.x has a default installation in which the admin password is... High Unreviewed
CVE-2020-14011 was published May 24, 2022
Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0... Moderate Unreviewed
CVE-2022-32480 was published Aug 23, 2022
Insecure default variable initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows... Moderate Unreviewed
CVE-2020-12327 was published May 24, 2022
Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions... Moderate Unreviewed
CVE-2020-8705 was published May 24, 2022
In permission declarations of DeviceAdminReceiver.java, there is a possible lack of broadcast... High Unreviewed
CVE-2021-0534 was published May 24, 2022
Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged... Moderate Unreviewed
CVE-2021-0144 was published May 24, 2022
Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged... Moderate Unreviewed
CVE-2021-0114 was published May 24, 2022
nLight ECLYPSE (nECY) system Controllers running software prior to 1.17.21245.754 contain a... High Unreviewed
CVE-2021-40825 was published May 24, 2022
The Orca HCM digital learning platform uses a weak factory default administrator password, which... Critical Unreviewed
CVE-2021-35965 was published May 24, 2022
Dell EMC Integrated System for Microsoft Azure Stack Hub, versions 1906 – 2011, contain an... Critical Unreviewed
CVE-2021-21505 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive... Critical Unreviewed
CVE-2021-34795 was published May 24, 2022
In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default... Critical Unreviewed
CVE-2022-24706 was published Apr 27, 2022
A flaw was found in servicemesh-operator. The NetworkPolicy resources installed for Maistra do... Critical Unreviewed
CVE-2021-3586 was published Aug 23, 2022
In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to... Moderate Unreviewed
CVE-2022-20466 was published Dec 13, 2022
Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distributed by some ISPs with a... Moderate Unreviewed
CVE-2018-10989 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API