Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

105 advisories

Loading
In checkFileUriDestination of DownloadProvider.java, there is a possible way to bypass external... High Unreviewed
CVE-2021-39697 was published Mar 17, 2022
In createOrUpdate of BasePermission.java, there is a possible permission bypass due to a logic... High Unreviewed
CVE-2021-39695 was published Mar 17, 2022
In deleteNotificationChannelGroup of NotificationManagerService.java, there is a possible way to... High Unreviewed
CVE-2021-39704 was published Mar 17, 2022
Heimdal.Wizard.exe installer in Heimdal Premium Security 2.5.395 and earlier has insecure... High Unreviewed
CVE-2022-24618 was published Mar 11, 2022
lakeFS vulnerable to authenticated users deleting files they are not authorized to delete High
GHSA-28q9-9c3g-v3f9 was published for github.com/treeverse/lakefs (Go) Sep 23, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database