GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,366 advisories
An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST...
Moderate, Unreviewed. CVE-2019-11389 was published May 24, 2022

An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST...
Moderate, Unreviewed. CVE-2019-11387 was published May 24, 2022

An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST...
Moderate, Unreviewed. CVE-2019-11390 was published May 24, 2022

A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification...
Moderate, Unreviewed. CVE-2018-16878 was published May 24, 2022

A vulnerability has been identified in SIMATIC CP 442-1 RNA (All versions < V1.5.18), SIMATIC CP...
Moderate, Unreviewed. CVE-2022-27640 was published May 21, 2022

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where...
Moderate, Unreviewed. CVE-2022-28191 was published May 18, 2022

DOMPDF denial of service vulnerability
Moderate. CVE-2014-5012 was published for dompdf/dompdf (Composer) May 17, 2022

The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote...
Moderate, Unreviewed. CVE-2011-0762 was published May 17, 2022

Ejabberd DoS via malformed stanza
Moderate. CVE-2011-4320 was published for ejabberd (Erlang) May 17, 2022

Apache Sling POST Servlets Denial of Service Vulnerability
Moderate. CVE-2012-2138 was published for org.apache.sling:org.apache.sling.servlets.post (Maven) May 17, 2022

FriendsOfSymfony FOSUserBundle denial of service via login form
Moderate. CVE-2013-5750 was published for friendsofsymfony/user-bundle (Composer) May 17, 2022

Rack Gem Subject to Denial of Service via Hash Collisions
Moderate. CVE-2011-5036 was published for org.jruby:jruby-parent (RubyGems) May 17, 2022

Plone Authenticated Denial of Service vulnerability
Moderate. CVE-2013-4188 was published for plone (pip) May 17, 2022

Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows remote attackers to cause a denial...
Moderate, Unreviewed. CVE-2014-2342 was published May 17, 2022

The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and...
Moderate, Unreviewed. CVE-2014-3407 was published May 17, 2022

JRuby denial of service via Hash Collision
Moderate. CVE-2012-5370 was published for org.jruby:jruby-parent (Maven) May 17, 2022

Apache ActiveMQ default configuration subject to denial of service
Moderate. CVE-2012-6551 was published for org.apache.activemq:activemq-web-demo (Maven) May 17, 2022

OpenStack Image Service (Glance) allows remote authenticated users to bypass storage quota, cause denial of service
Moderate. CVE-2015-5286 was published for glance (pip) May 17, 2022

Ruby vulnerable to denial of service
Moderate. CVE-2013-1821 was published for org.jruby:jruby (Maven) May 17, 2022

Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00,...
Moderate, Unreviewed. CVE-2016-8780 was published May 17, 2022

ws-xmlrpc DoS Vulnerability
Moderate. CVE-2016-5004 was published for org.apache.xmlrpc:xmlrpc-common (Maven) May 17, 2022

The wav_open_read function in frontend/input.c in Freeware Advanced Audio Coder (FAAC) 1.28...
Moderate, Unreviewed. CVE-2017-9129 was published May 17, 2022

The mod_dontdothat component of the mod_dav_svn Apache module in Subversion as packaged in Red...
Moderate, Unreviewed. CVE-2016-6312 was published May 17, 2022

The TDStretch::acceptNewOverlapLength function in source/SoundTouch/TDStretch.cpp in SoundTouch 1...
Moderate, Unreviewed. CVE-2017-9259 was published May 17, 2022

The Intercluster Sync Agent Service in Cisco Unified Presence Server allows remote attackers to...
Moderate, Unreviewed. CVE-2014-3328 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API