GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,512
Composer 4,179
Erlang 31
GitHub Actions 19
Go 1,982
Maven 5,155
npm 3,701
NuGet 656
pip 3,323
Pub 11
RubyGems 882
Rust 834
Swift 35

Unreviewed advisories

All unreviewed 233,049

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

569 advisories

Filter by severity

Sort by

Least recently updated

OpenSource Moddable v10.5.0 was discovered to contain a stack overflow in the... High Unreviewed

CVE-2021-29329 was published Nov 20, 2021

The Bluetooth Classic implementation on Actions ATS2815 chipsets does not properly handle the... Moderate Unreviewed

CVE-2021-31787 was published Dec 1, 2021

calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular... High Unreviewed

CVE-2021-44686 was published Dec 8, 2021

A regular expression denial of service (ReDoS) vulnerability exits in cbioportal 3.6.21 and older... High Unreviewed

CVE-2021-38244 was published Dec 17, 2021

There is a Memory leakage vulnerability in Smartphone.Successful exploitation of this... High Unreviewed

CVE-2021-37111 was published Jan 4, 2022

In libming 0.4.8, the parseSWF_DEFINELOSSLESS2 function in util/parser.c lacks a boundary check... Moderate Unreviewed

CVE-2021-44591 was published Jan 7, 2022

Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible... Moderate Unreviewed

CVE-2020-9059 was published Jan 11, 2022

In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely... High Unreviewed

CVE-2021-39293 was published Jan 25, 2022

An issue was discovered in Stormshield SNS before 4.2.3 (when the proxy is used). An attacker can... Moderate Unreviewed

CVE-2021-28096 was published Jan 28, 2022

An authenticated user without any specific authorizations may be able to repeatedly invoke the... High Unreviewed

CVE-2021-32036 was published Feb 10, 2022

A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that... High Unreviewed

CVE-2021-41840 was published Feb 10, 2022

ESXi contains a slow HTTP POST denial-of-service vulnerability in rhttpproxy. A malicious actor... High Unreviewed

CVE-2021-22050 was published Feb 17, 2022

Pexip Infinity before 27.0 has improper WebRTC input validation. An unauthenticated remote... High Unreviewed

CVE-2022-23228 was published Feb 19, 2022

sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU... High Unreviewed

CVE-2016-20013 was published Feb 20, 2022

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in WEKA INTEREST Security Scanner... High Unreviewed

CVE-2017-20016 was published Mar 29, 2022

IBM App Connect Enterprise Certified Container Dashboard UI (IBM App Connect Enterprise Certified... Moderate Unreviewed

CVE-2022-22404 was published Apr 2, 2022

A lack of appropriate timeouts in GitLab Pages included in GitLab CE/EE all versions prior to 14... Moderate Unreviewed

CVE-2022-1121 was published Apr 5, 2022

Mattermost Playbooks plugin v1.24.0 and earlier fails to properly check the limit on the number... Moderate Unreviewed

CVE-2022-1333 was published Apr 14, 2022

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using... High Unreviewed

CVE-2021-44502 was published Apr 16, 2022

A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated... Moderate Unreviewed

CVE-2022-20717 was published Apr 16, 2022

A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with... High Unreviewed

CVE-2022-20622 was published Apr 16, 2022

encoding/pem in Go before 1.17.9 and 1.8.x before 1.8.1 has a Decode stack overflow via a large... High Unreviewed

CVE-2022-24675 was published Apr 21, 2022

A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP... High Unreviewed

CVE-2022-22278 was published Apr 28, 2022

A lack of rate limiting in the 'forgot password' feature of Zammad v5.1.0 allows attackers to... High Unreviewed

CVE-2022-29701 was published Apr 28, 2022

iptables before 1.2.4 does not accurately convert rate limits that are specified on the command... Moderate Unreviewed

CVE-2001-1388 was published Apr 30, 2022

Previous 1 2 3 4 5 … 22 23 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

569 advisories