GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed (5,000+), Composer (5,000+), Erlang (39), GitHub Actions (38), Go (2,636), Maven (5,000+), npm (4,262), NuGet (760), pip (4,057), Pub (12), RubyGems (956), Rust (1,054), Swift (45)
Unreviewed advisories: All unreviewed (5,000+)

5,051 advisories

A potential vulnerability in the SMI callback function used in the SMBIOS event log driver in...
High | Unreviewed | CVE-2021-4211 was published Apr 23, 2022

A potential vulnerability due to improper buffer validation in the SMI handler...
High | Unreviewed | CVE-2022-1108 was published Apr 23, 2022

A potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler in some...
High | Unreviewed | CVE-2022-1107 was published Apr 23, 2022

Insufficient type validation in pocketmine/pocketmine-mp
High | GHSA-g5rr-p69h-7v3g was published for pocketmine/pocketmine-mp (Composer) Apr 22, 2022

Improper Input Validation in GeoServer
High | CVE-2022-24847 was published for org.geoserver:gs-main (Maven) Apr 22, 2022

Missing input validation can lead to command execution in composer
High | CVE-2022-24828 was published for composer/composer (Composer) Apr 22, 2022

The news module in CMSMS before 1.9.4.3 allows remote attackers to corrupt new articles.
High | Unreviewed | CVE-2011-4310 was published Apr 22, 2022

ktsuss versions 1.4 and prior spawns the GTK interface to run as root. This can allow a local...
High | Unreviewed | CVE-2011-2922 was published Apr 22, 2022

Weborf before 0.12.5 is affected by a Denial of Service (DOS) due to malformed fields in HTTP.
High | Unreviewed | CVE-2011-0529 was published Apr 22, 2022

tog-Pegasus has a package hash collision DoS vulnerability
High | Unreviewed | CVE-2011-4967 was published Apr 22, 2022

A vulnerability in the packet processing functionality of Cisco TelePresence Collaboration...
High | Unreviewed | CVE-2022-20783 was published Apr 22, 2022

Dell EMC iDRAC8 versions 2.81.81 and earlier contain a denial of service vulnerability. A remote...
High | Unreviewed | CVE-2022-24423 was published Apr 22, 2022

rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can...
High | Unreviewed | CVE-2010-2061 was published Apr 21, 2022

Mapserver 5.2, 5.4 and 5.6 before 5.6.5-2 improperly validates symbol index values during Mapfile...
High | Unreviewed | CVE-2010-1678 was published Apr 21, 2022

SAS Drug Development (SDD) before 32DRG02 mishandles logout actions, which allows a user (who was...
High | Unreviewed | CVE-2007-6763 was published Apr 21, 2022

There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su -...
High | Unreviewed | CVE-2005-4890 was published Apr 21, 2022

Improper input validation vulnerability in XPLATFORM's execBrowser method can cause execute...
High | Unreviewed | CVE-2021-26626 was published Apr 20, 2022

A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS XE Software could...
High | Unreviewed | CVE-2022-20676 was published Apr 16, 2022

A vulnerability in the IPSec decryption routine of Cisco IOS XE Software could allow an...
High | Unreviewed | CVE-2022-20679 was published Apr 16, 2022

An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of input validation in...
High | Unreviewed | CVE-2021-44483 was published Apr 16, 2022

An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of parameter validation in...
High | Unreviewed | CVE-2021-44481 was published Apr 16, 2022

An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of input validation in...
High | Unreviewed | CVE-2021-44482 was published Apr 16, 2022

Notable before 1.9.0-beta.8 doesn't effectively prevent the opening of executable files when...
High | Unreviewed | CVE-2022-29281 was published Apr 16, 2022

Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser...
High | Unreviewed | CVE-2021-44355 was published Apr 15, 2022

Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser...
High | Unreviewed | CVE-2021-44354 was published Apr 15, 2022

ProTip! Advisories are also available from the GraphQL API.