GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,179
Erlang: 31
GitHub Actions: 19
Go: 1,982
Maven: 5,000+
npm: 3,701
NuGet: 656
pip: 3,323
Pub: 11
RubyGems: 882
Rust: 834
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
259 advisories
The Bluetooth Classic implementation on Actions ATS2815 chipsets does not properly handle the...
Moderate, Unreviewed. CVE-2021-31787 was published Dec 1, 2021.

In libming 0.4.8, the parseSWF_DEFINELOSSLESS2 function in util/parser.c lacks a boundary check...
Moderate, Unreviewed. CVE-2021-44591 was published Jan 7, 2022.

Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible...
Moderate, Unreviewed. CVE-2020-9059 was published Jan 11, 2022.

An issue was discovered in Stormshield SNS before 4.2.3 (when the proxy is used). An attacker can...
Moderate, Unreviewed. CVE-2021-28096 was published Jan 28, 2022.

IBM App Connect Enterprise Certified Container Dashboard UI (IBM App Connect Enterprise Certified...
Moderate, Unreviewed. CVE-2022-22404 was published Apr 2, 2022.

A lack of appropriate timeouts in GitLab Pages included in GitLab CE/EE all versions prior to 14...
Moderate, Unreviewed. CVE-2022-1121 was published Apr 5, 2022.

Mattermost Playbooks plugin v1.24.0 and earlier fails to properly check the limit on the number...
Moderate, Unreviewed. CVE-2022-1333 was published Apr 14, 2022.

A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated...
Moderate, Unreviewed. CVE-2022-20717 was published Apr 16, 2022.

iptables before 1.2.4 does not accurately convert rate limits that are specified on the command...
Moderate, Unreviewed. CVE-2001-1388 was published Apr 30, 2022.

Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote...
Moderate, Unreviewed. CVE-2005-2970 was published May 1, 2022.

Joomla! 1.03 does not restrict the number of "Search" Mambots, which allows remote attackers to...
Moderate, Unreviewed. CVE-2005-4650 was published May 1, 2022.

The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the...
Moderate, Unreviewed. CVE-2008-2364 was published May 1, 2022.

Opera, possibly 9.64 and earlier, allows remote attackers to cause a denial of service (memory...
Moderate, Unreviewed. CVE-2009-2540 was published May 2, 2022.

PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created...
Moderate, Unreviewed. CVE-2009-4017 was published May 2, 2022.

relan exFAT 1.3.0 allows local users to obtain sensitive information (data from deleted files in...
Moderate, Unreviewed. CVE-2022-29973 was published May 3, 2022.

An issue has been discovered in GitLab affecting all versions before 14.8.6, all versions...
Moderate, Unreviewed. CVE-2022-1428 was published May 12, 2022.

It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial...
Moderate, Unreviewed. CVE-2018-16846 was published May 13, 2022.

The _zip_read_eocd64 function in zip_open.c in libzip before 1.3.0 mishandles EOCD records, which...
Moderate, Unreviewed. CVE-2017-14107 was published May 13, 2022.

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed...
Moderate, Unreviewed. CVE-2019-9076 was published May 13, 2022.

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed...
Moderate, Unreviewed. CVE-2019-9073 was published May 13, 2022.

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed...
Moderate, Unreviewed. CVE-2019-9072 was published May 13, 2022.

A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated...
Moderate, Unreviewed. CVE-2018-14660 was published May 13, 2022.

Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service ...
Moderate, Unreviewed. CVE-2019-9705 was published May 13, 2022.

On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform...
Moderate, Unreviewed. CVE-2019-0005 was published May 13, 2022.

Crafted packets destined to the management interface (fxp0) of an SRX340 or SRX345 services...
Moderate, Unreviewed. CVE-2019-0038 was published May 13, 2022.

ProTip! Advisories are also available from the GraphQL API.