GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 4,179; Erlang 31; GitHub Actions 19; Go 1,982; Maven 5,000+; npm 3,701; NuGet 656; pip 3,323; Pub 11; RubyGems 882; Rust 834; Swift 35
Unreviewed advisories: All unreviewed 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
290 advisories
OpenSource Moddable v10.5.0 was discovered to contain a stack overflow in the...
High | Unreviewed | CVE-2021-29329 was published Nov 20, 2021
calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular...
High | Unreviewed | CVE-2021-44686 was published Dec 8, 2021
A regular expression denial of service (ReDoS) vulnerability exists in cbioportal 3.6.21 and older...
High | Unreviewed | CVE-2021-38244 was published Dec 17, 2021
There is a Memory leakage vulnerability in Smartphone. Successful exploitation of this...
High | Unreviewed | CVE-2021-37111 was published Jan 4, 2022
In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely...
High | Unreviewed | CVE-2021-39293 was published Jan 25, 2022
An authenticated user without any specific authorizations may be able to repeatedly invoke the...
High | Unreviewed | CVE-2021-32036 was published Feb 10, 2022
A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that...
High | Unreviewed | CVE-2021-41840 was published Feb 10, 2022
ESXi contains a slow HTTP POST denial-of-service vulnerability in rhttpproxy. A malicious actor...
High | Unreviewed | CVE-2021-22050 was published Feb 17, 2022
Pexip Infinity before 27.0 has improper WebRTC input validation. An unauthenticated remote...
High | Unreviewed | CVE-2022-23228 was published Feb 19, 2022
sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU...
High | Unreviewed | CVE-2016-20013 was published Feb 20, 2022
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in WEKA INTEREST Security Scanner...
High | Unreviewed | CVE-2017-20016 was published Mar 29, 2022
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using...
High | Unreviewed | CVE-2021-44502 was published Apr 16, 2022
A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with...
High | Unreviewed | CVE-2022-20622 was published Apr 16, 2022
encoding/pem in Go before 1.17.9 and 1.8.x before 1.8.1 has a Decode stack overflow via a large...
High | Unreviewed | CVE-2022-24675 was published Apr 21, 2022
A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP...
High | Unreviewed | CVE-2022-22278 was published Apr 28, 2022
A lack of rate limiting in the 'forgot password' feature of Zammad v5.1.0 allows attackers to...
High | Unreviewed | CVE-2022-29701 was published Apr 28, 2022
The Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2,...
High | Unreviewed | CVE-2008-1700 was published May 1, 2022
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6...
High | Unreviewed | CVE-2009-2054 was published May 2, 2022
The SIP channel driver in Asterisk Open Source 1.2.x before 1.2.34, 1.4.x before 1.4.26.1, 1.6.0...
High | Unreviewed | CVE-2009-2726 was published May 2, 2022
A vulnerability in the connection handling function in Cisco Firepower Threat Defense (FTD)...
High | Unreviewed | CVE-2022-20757 was published May 4, 2022
A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD...
High | Unreviewed | CVE-2022-20751 was published May 4, 2022
A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD)...
High | Unreviewed | CVE-2022-20767 was published May 4, 2022
Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin is vulnerable to Buffer Overflow. The stack...
High | Unreviewed | CVE-2022-28556 was published May 5, 2022
An issue has been discovered in GitLab affecting all versions starting from 13.9 before 14.8.6,...
High | Unreviewed | CVE-2022-1510 was published May 12, 2022
A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS...
High | Unreviewed | CVE-2019-1737 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.