Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

96 advisories

Loading
RSA BSAFE SSL-J versions prior to 6.2.4 contain a Heap Inspection vulnerability that could allow... Moderate Unreviewed
CVE-2018-11068 was published May 13, 2022
Resource leakage when decoding certificates and keys High
CVE-2022-1473 was published for openssl-src (Rust) May 4, 2022
pinkforest
Oracle Formsbuilder 9.0.4 stores database usernames and passwords in a temporary file, which is... Low Unreviewed
CVE-2005-2293 was published May 1, 2022
BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when... High Unreviewed
CVE-2005-1744 was published May 1, 2022
SecureClean 3 build 2.0 does not clear Windows alternate data streams that are attached to files... Moderate Unreviewed
CVE-2002-2070 was published Apr 30, 2022
BestCrypt BCWipe 1.0.7 and 2.0 through 2.35.1 does not clear Windows alternate data streams that... Moderate Unreviewed
CVE-2002-2066 was published Apr 30, 2022
Eraser 5.3 does not clear Windows alternate data streams that are attached to files on NTFS file... Moderate Unreviewed
CVE-2002-2068 was published Apr 30, 2022
East-Tec Eraser 2002 does not clear Windows alternate data streams that are attached to files on... Moderate Unreviewed
CVE-2002-2067 was published Apr 30, 2022
PGP 6.x and 7.x does not clear Windows alternate data streams that are attached to files on NTFS... Moderate Unreviewed
CVE-2002-2069 was published Apr 30, 2022
An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows... Low Unreviewed
CVE-2002-0788 was published Apr 30, 2022
ICQwebmail client for ICQ 2000A creates a world readable temporary file during login and does not... Low Unreviewed
CVE-2000-0552 was published Apr 30, 2022
An exploitable privilege escalation vulnerability exists in the helper service CleanMyMac X,... Moderate Unreviewed
CVE-2019-5011 was published Apr 30, 2022
Under certain circumstances the session token is not cleared on logout. Critical Unreviewed
CVE-2021-36205 was published Apr 16, 2022
A flaw use after free in the Linux kernel Management Component Transport Protocol (MCTP)... High Unreviewed
CVE-2022-0646 was published Feb 19, 2022
Insufficient cleanup of passed-through device IRQs The management of IRQs associated with... Moderate Unreviewed
CVE-2022-23035 was published Jan 26, 2022
A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c... Moderate Unreviewed
CVE-2021-4032 was published Jan 22, 2022
Memory flaw in zeroize_derive Critical
CVE-2021-45706 was published for zeroize_derive (Rust) Jan 6, 2022
KamilaBorowska
There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this... High Unreviewed
CVE-2021-37092 was published Dec 9, 2021
There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this... High Unreviewed
CVE-2021-37080 was published Dec 8, 2021
There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this... High Unreviewed
CVE-2021-37089 was published Dec 8, 2021
Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible Moderate
CVE-2020-10685 was published for ansible (pip) Apr 7, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database