Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

228 advisories

Loading
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2... High Unreviewed
CVE-2022-46403 was published Dec 20, 2022
An improper handling of exceptional conditions vulnerability in Trend Micro Apex One and Apex One... High Unreviewed
CVE-2022-44652 was published Dec 12, 2022
go-merkledag's ProtoNode may be modified such that common method calls may panic High
CVE-2022-23495 was published for github.com/ipfs/go-merkledag (Go) Dec 8, 2022
mrd0ll4r
Credited to mrd0ll4r
Yauaa vulnerable to ArrayIndexOutOfBoundsException triggered by a crafted Sec-Ch-Ua-Full-Version-List High
CVE-2022-23496 was published for nl.basjes.parse.useragent:yauaa (Maven) Dec 8, 2022
binary-1024
Credited to binary-1024
Redmine 5.x before 5.0.4 allows downloading of file attachments of any Issue or any Wiki page due... High Unreviewed
CVE-2022-44030 was published Dec 7, 2022
A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC)... High Unreviewed
CVE-2022-20854 was published Nov 16, 2022
A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel... High Unreviewed
CVE-2022-35268 was published Oct 25, 2022
A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could... High Unreviewed
CVE-2022-20920 was published Oct 11, 2022
Traefik HTTP/2 connections management could cause a denial of service High
CVE-2022-39271 was published for github.com/traefik/traefik/v2 (Go) Oct 10, 2022
A maliciously crafted PDF file when parsed through Autodesk AutoCAD 2023 causes an unhandled... High Unreviewed
CVE-2022-33887 was published Oct 4, 2022
A maliciously crafted MODEL and SLDPRT file can be used to write beyond the allocated buffer... High Unreviewed
CVE-2022-33886 was published Oct 4, 2022
A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are... High Unreviewed
CVE-2022-20919 was published Oct 1, 2022
** UNSUPPORTED WHEN ASSIGNED ** sys/netinet/tcp_timer.h in FreeBSD before 7.0 contains a denial... High Unreviewed
CVE-2022-32264 was published Sep 7, 2022
Denial of service due to incorrect application of event authorization rules High
CVE-2022-31152 was published for matrix-synapse (pip) Aug 31, 2022
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager,... High Unreviewed
CVE-2022-36923 was published Aug 11, 2022
In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process... High Unreviewed
CVE-2021-46828 was published Jul 21, 2022
Improper Handling of Exceptional Conditions in Newtonsoft.Json High
CVE-2024-21907 was published for Newtonsoft.Json (NuGet) Jun 22, 2022
ezsilmar JamesNK
Credited to ezsilmar and JamesNK
A maliciously crafted PDF file may be used to dereference a pointer for read or write operation... High Unreviewed
CVE-2022-27872 was published Jun 22, 2022
mwlib 0.13 through 0.13.4 has a denial of service vulnerability when parsing #iferror magic... High Unreviewed
CVE-2012-1109 was published May 24, 2022
issues with partially successful P2M updates on x86 T[his CNA information record relates to... High Unreviewed
CVE-2021-28705 was published May 24, 2022
issues with partially successful P2M updates on x86 T[his CNA information record relates to... High Unreviewed
CVE-2021-28709 was published May 24, 2022
An improper handling of exceptional conditions vulnerability exists in Palo Alto Networks... High Unreviewed
CVE-2021-3063 was published May 24, 2022
In NLnet Labs Routinator prior to 0.10.2, a validation run can be delayed significantly by an... High Unreviewed
CVE-2021-43173 was published May 24, 2022
A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco... High Unreviewed
CVE-2021-34781 was published May 24, 2022
In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56... High Unreviewed
CVE-2021-34593 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database