GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,640
Maven: 5,000+
npm: 4,265
NuGet: 760
pip: 4,061
Pub: 12
RubyGems: 956
Rust: 1,057
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
11,577 advisories
Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote...
Moderate | Unreviewed | CVE-2019-5839 was published May 24, 2022

VMware Tools for Windows (11.x.y prior to 11.2.6), VMware Remote Console for Windows (12.x prior...
High | Unreviewed | CVE-2021-21999 was published May 24, 2022

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to...
High | Unreviewed | CVE-2020-27828 was published May 24, 2022

Improper Input Validation in Undertow
High | CVE-2020-1757 was published for io.undertow:undertow-core (Maven) May 24, 2022

A remote code execution vulnerability exists in Chamilo through 1.11.14 due to improper input...
High | Unreviewed | CVE-2021-31933 was published May 24, 2022

Impact Financials, Inc. Impact PDF Reader 2.0, 1.2, and other versions for iPhone and iPod touch...
Moderate | Unreviewed | CVE-2010-2332 was published May 17, 2022

SolarWinds TFTP Server 10.4.0.13 allows remote attackers to cause a denial of service (crash) via...
Moderate | Unreviewed | CVE-2010-2310 was published May 17, 2022

The Node Reference module in Content Construction Kit (CCK) module 5.x before 5.x-1.11 and 6.x...
Moderate | Unreviewed | CVE-2010-2352 was published May 17, 2022

Open redirect vulnerability in RSA Federated Identity Manager 4.0 before 4.0.25 and 4.1 before 4...
Moderate | Unreviewed | CVE-2010-2337 was published May 17, 2022

Galileo Students Team Weborf before 0.12.1 allows remote attackers to cause a denial of service ...
Moderate | Unreviewed | CVE-2010-2262 was published May 17, 2022

DataTrack System 3.5 allows remote attackers to bypass intended restrictions on file extensions,...
Moderate | Unreviewed | CVE-2010-2079 was published May 17, 2022

An improper input validation in FortiAI v1.4.0 and earlier may allow an authenticated user to...
High | Unreviewed | CVE-2021-24023 was published May 24, 2022

An arbitrary file deletion vulnerability was discovered on htmly v2.7.5 which allows remote...
Moderate | Unreviewed | CVE-2020-23766 was published May 24, 2022

Memory corruption due to improper input validation while processing IO control which is...
High | Unreviewed | CVE-2021-1892 was published May 24, 2022

Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an...
Critical | Unreviewed | CVE-2021-1142 was published May 24, 2022

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions...
Moderate | Unreviewed | CVE-2021-2390 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network...
Moderate | Unreviewed | CVE-2021-1249 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,...
High | Unreviewed | CVE-2021-1317 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,...
High | Unreviewed | CVE-2021-1316 was published May 24, 2022

Improper Input Validation in Nagios Fusion 4.1.8 and earlier allows an authenticated attacker to...
High | Unreviewed | CVE-2020-28905 was published May 24, 2022

IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 uses a...
Moderate | Unreviewed | CVE-2021-20565 was published May 24, 2022

When a user opens manipulated Windows Bitmap (.BMP) files received from untrusted sources in SAP...
Moderate | Unreviewed | CVE-2021-27594 was published May 24, 2022

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious...
High | Unreviewed | CVE-2022-24417 was published May 27, 2022

An event handler validation issue in the XPC Services API was addressed by removing the service....
Moderate | Unreviewed | CVE-2022-22676 was published May 27, 2022

There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of...
Critical | Unreviewed | CVE-2021-22345 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.