GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,091 advisories
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in...
High
Unreviewed
CVE-2019-11478 was published May 24, 2022
Resource allocation error while playing the video whose dimensions are more than supported...
Critical
Unreviewed
CVE-2019-2259 was published May 24, 2022
Index of array is processed in a wrong way inside a while loop and result in invalid index (-1 or...
Critical
Unreviewed
CVE-2018-11936 was published May 24, 2022
On Virgin Media wireless router 3.0 hub devices, the web interface is vulnerable to denial of...
High
Unreviewed
CVE-2018-19037 was published May 24, 2022
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a...
High
Unreviewed
CVE-2018-13994 was published May 24, 2022
Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine...
High
Unreviewed
CVE-2019-1704 was published May 24, 2022
Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine...
High
Unreviewed
CVE-2019-1696 was published May 24, 2022
A vulnerability in the WebVPN login process of Cisco Adaptive Security Appliance (ASA) Software...
High
Unreviewed
CVE-2018-15388 was published May 24, 2022
An attacker could send a crafted HTTP/HTTPS request to render the web server unavailable and/or...
High
Unreviewed
CVE-2019-10952 was published May 24, 2022
Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions CR-IR 357 FCR Carbon X, CR-IR 357 FCR...
High
Unreviewed
CVE-2019-10948 was published May 24, 2022
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent:...
High
Unreviewed
CVE-2019-2602 was published May 24, 2022
An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST...
Moderate
Unreviewed
CVE-2019-11391 was published May 24, 2022
An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST...
Moderate
Unreviewed
CVE-2019-11388 was published May 24, 2022
An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST...
Moderate
Unreviewed
CVE-2019-11389 was published May 24, 2022
An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST...
Moderate
Unreviewed
CVE-2019-11387 was published May 24, 2022
An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST...
Moderate
Unreviewed
CVE-2019-11390 was published May 24, 2022
A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification...
Moderate
Unreviewed
CVE-2018-16878 was published May 24, 2022
OPC UA Legacy Java Stack 2022-04-01 allows a remote attacker to cause a server to stop processing...
High
Unreviewed
CVE-2022-30551 was published May 21, 2022
A vulnerability has been identified in SIMATIC CP 442-1 RNA (All versions < V1.5.18), SIMATIC CP...
Moderate
Unreviewed
CVE-2022-27640 was published May 21, 2022
IBM DataPower Gateway 10.0.2.0, 10.0.3.0, 10.0.1.0 through 10.0.1.4, and 2018.4.1.0 through 2018...
High
Unreviewed
CVE-2021-38872 was published May 18, 2022
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where...
Moderate
Unreviewed
CVE-2022-28191 was published May 18, 2022
qpid-cpp: ACL policies only loaded if the acl-file option specified enabling DoS by consuming all...
High
Unreviewed
CVE-2014-0212 was published May 17, 2022
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote...
Moderate
Unreviewed
CVE-2011-0762 was published May 17, 2022
The tcp_rcv_state_process function in net/ipv4/tcp_input.c in the Linux kernel before 3.2.24...
High
Unreviewed
CVE-2012-6638 was published May 17, 2022
Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows physically proximate attackers to...
Low
Unreviewed
CVE-2014-2343 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.