GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,634
NuGet
638
pip
3,250
Pub
10
RubyGems
867
Rust
819
Swift
35
Unreviewed advisories
All unreviewed
5,000+
85 advisories
Filter by severity
East-Tec Eraser 2002 does not clear Windows alternate data streams that are attached to files on...
Moderate
Unreviewed
CVE-2002-2067
was published
Apr 30, 2022
BestCrypt BCWipe 1.0.7 and 2.0 through 2.35.1 does not clear Windows alternate data streams that...
Moderate
Unreviewed
CVE-2002-2066
was published
Apr 30, 2022
Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged...
Moderate
Unreviewed
CVE-2021-46766
was published
Nov 14, 2023
Xenstore: Guests can create orphaned Xenstore nodes By creating multiple nodes inside a...
Moderate
Unreviewed
CVE-2022-42310
was published
Nov 1, 2022
Xenstore: Guests can get access to Xenstore nodes of deleted domains Access rights of Xenstore...
High
Unreviewed
CVE-2022-42320
was published
Nov 1, 2022
BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when...
High
Unreviewed
CVE-2005-1744
was published
May 1, 2022
An Incomplete Cleanup vulnerability in Nonstop active routing (NSR) component of Juniper...
Moderate
Unreviewed
CVE-2024-21617
was published
Jan 12, 2024
Apache Struts Improper Control of Dynamically-Managed Code Resources vulnerability
High
CVE-2023-41835
was published
for
org.apache.struts:struts2-core
(Maven)
Dec 5, 2023
Apache Tomcat Incomplete Cleanup vulnerability
Moderate
CVE-2023-42794
was published
for
org.apache.tomcat:tomcat
(Maven)
Oct 10, 2023
Incomplete cleanup for some Intel Unison software may allow a privileged user to potentially...
Low
Unreviewed
CVE-2022-46298
was published
Nov 14, 2023
Incomplete cleanup for some Intel Unison software may allow an authenticated user to potentially...
Low
Unreviewed
CVE-2022-43477
was published
Nov 14, 2023
Upgrading doesn't prevent exploiting vulnerable XWiki documents
Critical
CVE-2023-36468
was published
for
org.xwiki.platform:xwiki-platform-oldcore
(Maven)
Jun 30, 2023
Spring Security logout not clearing security context
Moderate
CVE-2023-20862
was published
for
org.springframework.security:spring-security-core
(Maven)
Apr 19, 2023
redis-py Race Condition due to incomplete fix
Moderate
CVE-2023-28859
was published
for
redis
(pip)
Mar 26, 2023
Resource leakage when decoding certificates and keys
High
CVE-2022-1473
was published
for
openssl-src
(Rust)
May 4, 2022
A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a...
Moderate
Unreviewed
CVE-2022-0171
was published
Aug 27, 2022
An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4...
High
Unreviewed
CVE-2023-0836
was published
Mar 29, 2023
Local privilege escalation due to incomplete uninstallation cleanup. The following products are...
High
Unreviewed
CVE-2022-45455
was published
Feb 13, 2023
A flaw use after free in the Linux kernel Management Component Transport Protocol (MCTP)...
High
Unreviewed
CVE-2022-0646
was published
Feb 19, 2022
A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c...
Moderate
Unreviewed
CVE-2021-4032
was published
Jan 22, 2022
An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6,...
Moderate
Unreviewed
CVE-2020-36322
was published
May 24, 2022
Apache ShardingSphere-Proxy Incomplete Cleanup vulnerability
Critical
CVE-2022-45347
was published
for
org.apache.shardingsphere:shardingsphere-proxy
(Maven)
Dec 22, 2022
Incomplete Cleanup vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to...
Moderate
Unreviewed
CVE-2018-12332
was published
May 13, 2022
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS...
High
Unreviewed
CVE-2018-19961
was published
May 13, 2022
An issue was discovered in chan_skinny.c in Asterisk Open Source 13.18.2 and older, 14.7.2 and...
High
Unreviewed
CVE-2017-17090
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API