GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
269 advisories
Filter by severity
The Bluetooth Classic implementation on Actions ATS2815 chipsets does not properly handle the...
Moderate
Unreviewed
CVE-2021-31787
was published
Dec 1, 2021
In libming 0.4.8, the parseSWF_DEFINELOSSLESS2 function in util/parser.c lacks a boundary check...
Moderate
Unreviewed
CVE-2021-44591
was published
Jan 7, 2022
Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible...
Moderate
Unreviewed
CVE-2020-9059
was published
Jan 11, 2022
An issue was discovered in Stormshield SNS before 4.2.3 (when the proxy is used). An attacker can...
Moderate
Unreviewed
CVE-2021-28096
was published
Jan 28, 2022
IBM App Connect Enterprise Certified Container Dashboard UI (IBM App Connect Enterprise Certified...
Moderate
Unreviewed
CVE-2022-22404
was published
Apr 2, 2022
A lack of appropriate timeouts in GitLab Pages included in GitLab CE/EE all versions prior to 14...
Moderate
Unreviewed
CVE-2022-1121
was published
Apr 5, 2022
Mattermost Playbooks plugin v1.24.0 and earlier fails to properly check the limit on the number...
Moderate
Unreviewed
CVE-2022-1333
was published
Apr 14, 2022
A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated...
Moderate
Unreviewed
CVE-2022-20717
was published
Apr 16, 2022
iptables before 1.2.4 does not accurately convert rate limits that are specified on the command...
Moderate
Unreviewed
CVE-2001-1388
was published
Apr 30, 2022
Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote...
Moderate
Unreviewed
CVE-2005-2970
was published
May 1, 2022
Joomla! 1.03 does not restrict the number of "Search" Mambots, which allows remote attackers to...
Moderate
Unreviewed
CVE-2005-4650
was published
May 1, 2022
The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the...
Moderate
Unreviewed
CVE-2008-2364
was published
May 1, 2022
Opera, possibly 9.64 and earlier, allows remote attackers to cause a denial of service (memory...
Moderate
Unreviewed
CVE-2009-2540
was published
May 2, 2022
PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created...
Moderate
Unreviewed
CVE-2009-4017
was published
May 2, 2022
relan exFAT 1.3.0 allows local users to obtain sensitive information (data from deleted files in...
Moderate
Unreviewed
CVE-2022-29973
was published
May 3, 2022
An issue has been discovered in GitLab affecting all versions before 14.8.6, all versions...
Moderate
Unreviewed
CVE-2022-1428
was published
May 12, 2022
It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial...
Moderate
Unreviewed
CVE-2018-16846
was published
May 13, 2022
The _zip_read_eocd64 function in zip_open.c in libzip before 1.3.0 mishandles EOCD records, which...
Moderate
Unreviewed
CVE-2017-14107
was published
May 13, 2022
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed...
Moderate
Unreviewed
CVE-2019-9076
was published
May 13, 2022
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed...
Moderate
Unreviewed
CVE-2019-9073
was published
May 13, 2022
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed...
Moderate
Unreviewed
CVE-2019-9072
was published
May 13, 2022
A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated...
Moderate
Unreviewed
CVE-2018-14660
was published
May 13, 2022
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service ...
Moderate
Unreviewed
CVE-2019-9705
was published
May 13, 2022
On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform...
Moderate
Unreviewed
CVE-2019-0005
was published
May 13, 2022
Crafted packets destined to the management interface (fxp0) of an SRX340 or SRX345 services...
Moderate
Unreviewed
CVE-2019-0038
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API