Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,809
Erlang
36
GitHub Actions
31
Go
2,393
Maven
5,000+
npm
4,026
NuGet
720
pip
3,818
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+

58 advisories

Loading
An issue was found in Action Launcher v50.5 allows an attacker to escalate privilege via... High Unreviewed
CVE-2022-47029 was published May 30, 2023
CLTPHP <=6.0 is vulnerable to Improper Input Validation via application/admin/controller/Template... High Unreviewed
CVE-2023-30269 was published Apr 26, 2023
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the... High Unreviewed
CVE-2022-4904 was published Mar 7, 2023
The geofencing kernel code has a vulnerability of not verifying the length of the input data.... High Unreviewed
CVE-2022-48297 was published Feb 9, 2023
The geofencing kernel code does not verify the length of the input data. Successful exploitation... High Unreviewed
CVE-2022-48298 was published Feb 9, 2023
For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling... High Unreviewed
CVE-2021-28510 was published Jan 26, 2023
In Condition of Condition.java, there is a possible way to grant notification access due to... High Unreviewed
CVE-2022-20493 was published Jan 26, 2023
The demon image annotation plugin for WordPress is vulnerable to improper input validation in... High Unreviewed
CVE-2022-4171 was published Dec 13, 2022
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist... High Unreviewed
CVE-2022-20491 was published Dec 13, 2022
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist... High Unreviewed
CVE-2022-20488 was published Dec 13, 2022
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1),... High Unreviewed
CVE-2021-44693 was published Dec 13, 2022
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series... High Unreviewed
CVE-2022-20689 was published Dec 12, 2022
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series... High Unreviewed
CVE-2022-20690 was published Dec 12, 2022
conduit-hyper vulnerable to Denial of Service from unchecked request length High
CVE-2022-39294 was published for conduit-hyper (Rust) Oct 31, 2022
parse-server crashes when receiving file download request with invalid byte range High
CVE-2022-39313 was published for parse-server (npm) Oct 18, 2022
hej2010 tdunlap607
linked_list_allocator vulnerable to out-of-bound writes on `Heap` initialization and `Heap::extend` High
CVE-2022-36086 was published for linked_list_allocator (Rust) Sep 16, 2022
evanrichter
Improper Input Validation vulnerability exists in the Hitachi Energy MicroSCADA X SYS600's ICCP... High Unreviewed
CVE-2022-2277 was published Sep 15, 2022
libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds... High Unreviewed
CVE-2022-2868 was published Aug 18, 2022
NHI’s health insurance web service component has insufficient validation for input string length,... High Unreviewed
CVE-2021-45918 was published Jun 21, 2022
The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol... High Unreviewed
CVE-2010-3904 was published May 13, 2022
A vulnerability in the HCI Modbus TCP COMPONENT of Hitachi Energy RTU500 series CMU Firmware that... High Unreviewed
CVE-2022-28613 was published May 3, 2022
src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3... High Unreviewed
CVE-2008-2374 was published May 1, 2022
Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2, does not properly validate the... High Unreviewed
CVE-2008-1440 was published May 1, 2022
A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft... High Unreviewed
CVE-2021-21943 was published Apr 15, 2022
Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input... High Unreviewed
CVE-2022-26125 was published Mar 4, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database