Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

280 advisories

Loading
Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit... Moderate Unreviewed
CVE-2022-32983 was published Jun 21, 2022
The authentication mechanism used by technicians on the tested version of Dominion Voting Systems... High Unreviewed
CVE-2022-1745 was published Jun 25, 2022
IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are... High Unreviewed
CVE-2022-22476 was published Jul 9, 2022
Microweber before 1.2.21 allows attacker to bypass IP detection to brute-force password Moderate
CVE-2022-2368 was published for microweber/microweber (Composer) Jul 12, 2022
Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 100.0.4896... Moderate Unreviewed
CVE-2022-1129 was published Jul 24, 2022
Inappropriate implementation in full screen in Google Chrome on Android prior to 100.0.4896.88... Moderate Unreviewed
CVE-2022-1307 was published Jul 26, 2022
Inappropriate implementation in compositing in Google Chrome prior to 100.0.4896.88 allowed a... Moderate Unreviewed
CVE-2022-1306 was published Jul 26, 2022
Incorrect security UI in Downloads in Google Chrome on Android prior to 101.0.4951.41 allowed a... Moderate Unreviewed
CVE-2022-1495 was published Jul 27, 2022
An authentication bypass vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.12, 9.x... Critical Unreviewed
CVE-2022-2310 was published Jul 28, 2022
Saia Burgess Controls (SBC) PCD through 2022-05-06 allows Authentication bypass. According to... High Unreviewed
CVE-2022-30319 was published Jul 29, 2022
Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads... High Unreviewed
CVE-2022-2324 was published Jul 30, 2022
Due to a bug in the handling of the communication between the client and server, it was possible... Moderate Unreviewed
CVE-2022-35629 was published Jul 30, 2022
dproxy-nexgen (aka dproxy nexgen) forwards and caches DNS queries with the CD (aka checking... Moderate Unreviewed
CVE-2022-33991 was published Aug 16, 2022
A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it.... High Unreviewed
CVE-2022-32744 was published Aug 26, 2022
Tesla Model 3 V11.0(2022.4.5.1 6b701552d7a6) Tesla mobile app v4.23 is vulnerable to... Moderate Unreviewed
CVE-2022-37709 was published Sep 17, 2022
python-jwt vulnerable to token forgery with new claims Critical
CVE-2022-39227 was published for python-jwt (pip) Sep 21, 2022
TomTervoort
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP... Moderate Unreviewed
CVE-2021-27862 was published Sep 28, 2022
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP... Moderate Unreviewed
CVE-2021-27861 was published Sep 28, 2022
Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed... Moderate Unreviewed
CVE-2021-27853 was published Sep 28, 2022
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations... Moderate Unreviewed
CVE-2021-27854 was published Sep 28, 2022
Windows CryptoAPI Spoofing Vulnerability. High Unreviewed
CVE-2022-34689 was published Oct 12, 2022
Windows NTLM Spoofing Vulnerability. Moderate Unreviewed
CVE-2022-35770 was published Oct 12, 2022
An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows... High Unreviewed
CVE-2022-0030 was published Oct 12, 2022
anji-plus AJ-Report 0.9.8.6 allows remote attackers to bypass login authentication by spoofing... High Unreviewed
CVE-2022-42983 was published Oct 17, 2022
"IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Web services could allow a man-in-the... Moderate Unreviewed
CVE-2022-38712 was published Nov 4, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database