GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,090 advisories

A vulnerability in the IP next-hop index database in Junos OS 17.3R3 may allow a flood of ARP...
Moderate | Unreviewed | CVE-2018-0063 was published May 13, 2022

A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated...
Moderate | Unreviewed | CVE-2018-14660 was published May 13, 2022

The Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable to a denial of service...
Moderate | Unreviewed | CVE-2018-14659 was published May 13, 2022

The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME...
Moderate | Unreviewed | CVE-2016-0747 was published May 13, 2022

** DISPUTED ** The Schneider Electric M340 PLC modules allow remote attackers to cause a denial...
Moderate | Unreviewed | CVE-2013-2763 was published May 13, 2022

An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels,...
Moderate | Unreviewed | CVE-2016-8367 was published May 13, 2022

An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels,...
High | Unreviewed | CVE-2016-8374 was published May 13, 2022

A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard...
High | Unreviewed | CVE-2017-12741 was published May 13, 2022

nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that...
High | Unreviewed | CVE-2018-16843 was published May 13, 2022

nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that...
High | Unreviewed | CVE-2018-16844 was published May 13, 2022

nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might...
Moderate | Unreviewed | CVE-2018-16845 was published May 13, 2022

A Resource Exhaustion issue was discovered in Rockwell Automation ControlLogix 5580 controllers...
High | Unreviewed | CVE-2017-6024 was published May 13, 2022

The SdpContents::Session::Medium::parse function in resip/stack/SdpContents.cxx in reSIProcate 1...
High | Unreviewed | CVE-2017-11521 was published May 13, 2022

Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of...
High | Unreviewed | CVE-2017-2680 was published May 13, 2022

Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected...
High | Unreviewed | CVE-2017-2681 was published May 13, 2022

RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition...
Moderate | Unreviewed | CVE-2018-11056 was published May 13, 2022

An exploitable code execution vulnerability exists in the UDP network functionality of Yi Home...
High | Unreviewed | CVE-2018-3935 was published May 13, 2022

A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the...
Moderate | Unreviewed | CVE-2018-3979 was published May 13, 2022

An exploitable insufficient resource pool vulnerability exists in the session communication...
High | Unreviewed | CVE-2017-12093 was published May 13, 2022

An exploitable denial of service vulnerability exists in the processing of snmp-set commands of...
High | Unreviewed | CVE-2017-12090 was published May 13, 2022

An exploitable Denial of Service vulnerability exists in the API daemon of Circle with Disney...
High | Unreviewed | CVE-2017-2889 was published May 13, 2022

An exploitable vulnerability exists in the user photo update functionality of Circle with Disney...
High | Unreviewed | CVE-2017-2884 was published May 13, 2022

An exploitable denial of service exists in the Joyent SmartOS OS 20161110T013148Z Hyprlofs...
Moderate | Unreviewed | CVE-2016-9040 was published May 13, 2022

An exploitable denial of service exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file...
Moderate | Unreviewed | CVE-2016-9039 was published May 13, 2022

Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This...
High | Unreviewed | CVE-2022-1699 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.