Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

988 advisories

Loading
An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before... Moderate Unreviewed
CVE-2023-29820 was published May 12, 2023
A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows... Critical Unreviewed
CVE-2024-25153 was published Mar 13, 2024
nbgrader's `frame-ancestors: self` grants all users access to formgrader High
CVE-2025-23205 was published for nbgrader (pip) Jan 17, 2025
An issue was discovered in Faronics Insight 10.0.19045 on Windows. The Insight Teacher Console... High Unreviewed
CVE-2023-28344 was published May 31, 2023
Under certain circumstances, a ServiceWorker's offline cache may have leaked to the file system... Moderate Unreviewed
CVE-2023-25750 was published Jun 2, 2023
An issue in WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 allows unauthenticated attackers... Critical Unreviewed
CVE-2023-45911 was published Oct 18, 2023
emoncms v11 and later was discovered to contain an information disclosure vulnerability which... Moderate Unreviewed
CVE-2023-33518 was published Jun 5, 2023
Windows Mixed Reality Developer Tools Information Disclosure Vulnerability. Moderate Unreviewed
CVE-2022-37974 was published Oct 12, 2022
Windows Graphics Component Information Disclosure Vulnerability. Moderate Unreviewed
CVE-2022-37985 was published Oct 12, 2022
Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE... Moderate Unreviewed
CVE-2022-29112 was published May 11, 2022
Windows Server Service Information Disclosure Vulnerability. Moderate Unreviewed
CVE-2022-26936 was published May 11, 2022
Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from... Moderate Unreviewed
CVE-2022-29123 was published May 11, 2022
Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from... Moderate Unreviewed
CVE-2022-29122 was published May 11, 2022
Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from... Moderate Unreviewed
CVE-2022-29120 was published May 11, 2022
Windows WLAN AutoConfig Service Information Disclosure Vulnerability. Moderate Unreviewed
CVE-2022-26935 was published May 11, 2022
Remote Desktop Protocol Client Information Disclosure Vulnerability. Moderate Unreviewed
CVE-2022-26940 was published May 11, 2022
Windows NTFS Information Disclosure Vulnerability. Moderate Unreviewed
CVE-2022-26933 was published May 11, 2022
Windows Failover Cluster Information Disclosure Vulnerability. Moderate Unreviewed
CVE-2022-29102 was published May 11, 2022
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability. Moderate Unreviewed
CVE-2022-22015 was published May 11, 2022
Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE... Moderate Unreviewed
CVE-2022-22011 was published May 11, 2022
On Unix platforms, the Go runtime does not behave differently when a binary is run with the... High Unreviewed
CVE-2023-29403 was published Jun 8, 2023
malicious container creates symlink "mtab" on the host External High
CVE-2024-5154 was published for github.com/cri-o/cri-o (Go) Jun 4, 2024
eriksjolund
Use of Hardware Page Aggregation (HPA) and Stage-1 and/or Stage-2 translation on A77, A78, A78C,... Critical Unreviewed
CVE-2024-5660 was published Dec 10, 2024
Apache Airflow: DAG Code and Import Error Permissions Ignored Moderate
CVE-2024-27906 was published for apache-airflow (pip) Feb 29, 2024
oscerd sunSUNQ
Apache Airflow vulnerable to Exposure of Resource to Wrong Sphere Moderate
CVE-2023-48291 was published for apache-airflow (pip) Dec 21, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database