GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,800
Erlang: 36
GitHub Actions: 29
Go: 2,380
Maven: 5,000+
npm: 4,005
NuGet: 720
pip: 3,805
Pub: 12
RubyGems: 927
Rust: 986
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
5,106 advisories
Windows Hyper-V in Windows 10 1607, 1703, and Windows Server 2016 allows a denial of service...
Moderate | Unreviewed | CVE-2017-8623 was published May 17, 2022
QuickerSite 1.8.5 allows remote attackers to obtain sensitive information via a request to...
Moderate | Unreviewed | CVE-2008-6676 was published May 17, 2022
IBM API Connect 5.0.0.0 through 5.0.8.10 is vulnerable to HTTP header injection, caused by...
Moderate | Unreviewed | CVE-2020-4706 was published May 24, 2022
In ellipsize of Layout.java, there is a possible ANR due to improper input validation. This could...
Moderate | Unreviewed | CVE-2021-0687 was published May 24, 2022
Mozilla Firefox before 48.0 on Android allows remote attackers to spoof the address bar via left...
Moderate | Unreviewed | CVE-2016-5267 was published May 17, 2022
The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly...
Moderate | Unreviewed | CVE-2021-28135 was published May 24, 2022
Improper address validation vulnerability in RKP api prior to SMR JUN-2021 Release 1 allows root...
Moderate | Unreviewed | CVE-2021-25411 was published May 24, 2022
DataTrack System 3.5 allows remote attackers to list the root directory via a (1) /%u0085/ or (2)...
Moderate | Unreviewed | CVE-2010-2078 was published May 17, 2022
Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022...
Moderate | Unreviewed | CVE-2022-30720 was published Jun 8, 2022
Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022...
Moderate | Unreviewed | CVE-2022-30721 was published Jun 8, 2022
A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big...
Moderate | Unreviewed | CVE-2021-30776 was published May 24, 2022
A CWE-20: Improper Input Validation vulnerability exists that could allow the product to be...
Moderate | Unreviewed | CVE-2022-30233 was published Jun 3, 2022
There is an information leak vulnerability in Huawei products. A module does not deal with...
Moderate | Unreviewed | CVE-2021-22342 was published May 24, 2022
IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow an...
Moderate | Unreviewed | CVE-2021-29770 was published May 24, 2022
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General)....
Moderate | Unreviewed | CVE-2021-35598 was published May 24, 2022
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General)....
Moderate | Unreviewed | CVE-2021-35590 was published May 24, 2022
SAP Commerce (Backoffice Search), versions - 1808, 1811, 1905, 2005, 2011, allows a low...
Moderate | Unreviewed | CVE-2021-27619 was published May 24, 2022
toolbaru.dll in ICQ Toolbar (ICQToolbar) 2.3 allows remote attackers to cause a denial of service...
Moderate | Unreviewed | CVE-2008-7135 was published May 17, 2022
Open redirect vulnerability in the Global Redirect module 6.x-1.x before 6.x-1.4 and 7.x-1.x...
Moderate | Unreviewed | CVE-2010-2021 was published May 17, 2022
phpThumb.php in phpThumb() 1.7.9 and possibly other versions, when ImageMagick is installed,...
Moderate | Unreviewed | CVE-2010-1598 was published May 17, 2022
Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows...
Moderate | Unreviewed | CVE-2010-1586 was published May 17, 2022
In RELIC before 2020-08-01, RSA PKCS#1 v1.5 signature forgery can occur because certain checks of...
Moderate | Unreviewed | CVE-2020-36315 was published May 24, 2022
The npb_protocol_error function in sna V5router64 in IBM Communications Server for Windows 6.1.3...
Moderate | Unreviewed | CVE-2010-2090 was published May 17, 2022
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General)....
Moderate | Unreviewed | CVE-2021-35592 was published May 24, 2022
In bind of MediaControlPanel.java, there is a possible way to lock up the system UI using a...
Moderate | Unreviewed | CVE-2021-0551 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.