Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

5,051 advisories

Loading
Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser... High Unreviewed
CVE-2021-44394 was published Apr 15, 2022
Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser... High Unreviewed
CVE-2021-44366 was published Apr 15, 2022
Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser... High Unreviewed
CVE-2021-44356 was published Apr 15, 2022
Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser... High Unreviewed
CVE-2021-44357 was published Apr 15, 2022
Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser... High Unreviewed
CVE-2021-44375 was published Apr 15, 2022
Citrix XenMobile Server 10.12 through RP11, 10.13 through RP6, and 10.14 through RP4 allows... High Unreviewed
CVE-2022-26151 was published Apr 14, 2022
In the MZ Automation LibIEC61850 in versions prior to 1.5.1 an unauthenticated attacker can craft... High Unreviewed
CVE-2022-1302 was published Apr 13, 2022
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V,... High Unreviewed
CVE-2022-25751 was published Apr 13, 2022
A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE... High Unreviewed
CVE-2022-28328 was published Apr 13, 2022
Promotion names in Jenkins promoted builds Plugin are not validated when using Job DSL High
CVE-2022-29049 was published for org.jenkins-ci.plugins:promoted-builds (Maven) Apr 13, 2022
NotMyFault westonsteimel
Credited to NotMyFault and westonsteimel
The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package, however the patch... High Unreviewed
CVE-2021-4047 was published Apr 12, 2022
Improper validation vulnerability in SemSuspendDialogInfo prior to SMR Apr-2022 Release 1 allows... High Unreviewed
CVE-2022-27826 was published Apr 12, 2022
Improper validation vulnerability in MediaMonitorEvent prior to SMR Apr-2022 Release 1 allows... High Unreviewed
CVE-2022-27828 was published Apr 12, 2022
Improper validation vulnerability in MediaMonitorDimension prior to SMR Apr-2022 Release 1 allows... High Unreviewed
CVE-2022-27827 was published Apr 12, 2022
Improper validation vulnerability in VerifyCredentialResponse prior to SMR Apr-2022 Release 1... High Unreviewed
CVE-2022-27829 was published Apr 12, 2022
Improper validation vulnerability in SemBlurInfo prior to SMR Apr-2022 Release 1 allows attackers... High Unreviewed
CVE-2022-27830 was published Apr 12, 2022
Improper boundary check in UWB firmware prior to SMR Apr-2022 Release 1 allows arbitrary memory... High Unreviewed
CVE-2022-27835 was published Apr 12, 2022
Incorrect protocol extraction via \r, \n and \t characters High
CVE-2022-1243 was published for urijs (npm) Apr 6, 2022
Haxatron chrisbloom7
Credited to Haxatron and chrisbloom7
Improper Input Validation vulnerability in ABB 800xA, Control Software for AC 800M, Control... High Unreviewed
CVE-2021-22277 was published Apr 3, 2022
An local privilege escalation vulnerability due to a "runasroot" command in eScan Anti-Virus.... High Unreviewed
CVE-2021-26624 was published Apr 3, 2022
Data can be copied without validation in the built-in web server in Moxa NPort IAW5000A-I/O... High Unreviewed
CVE-2021-32970 was published Apr 3, 2022
Improper input validation in all versions of GitLab CE/EE using sendmail to send emails allowed... High Unreviewed
CVE-2022-0741 was published Apr 3, 2022
Improper input validation vulnerability in pfSense CE and pfSense Plus (pfSense CE software... High Unreviewed
CVE-2022-24299 was published Apr 1, 2022
In Settings, there is a possible way to make the user enable WiFi due to improper input... High Unreviewed
CVE-2021-39763 was published Mar 31, 2022
In Settings, there is a possible way to misrepresent which app wants to add a wifi network due to... High Unreviewed
CVE-2021-39771 was published Mar 31, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database