GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,645
Maven: 5,000+
npm: 4,271
NuGet: 760
pip: 4,065
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
11,577 advisories
Mapserver 5.2, 5.4 and 5.6 before 5.6.5-2 improperly validates symbol index values during Mapfile...
High | Unreviewed | CVE-2010-1678 was published on Apr 21, 2022

rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can...
High | Unreviewed | CVE-2010-2061 was published on Apr 21, 2022

Mumble: murmur-server has DoS due to malformed client query
Moderate | Unreviewed | CVE-2010-2490 was published on Apr 21, 2022

TYPO3 is vulnerable to Spam Abuse in the native form content element
Moderate | CVE-2010-3667 was published for typo3/cms-frontend (Composer) on Apr 21, 2022

Rbot Reaction plugin allows command execution
Critical | Unreviewed | CVE-2010-2446 was published on Apr 21, 2022

Dell EMC iDRAC8 versions 2.81.81 and earlier contain a denial of service vulnerability. A remote...
High | Unreviewed | CVE-2022-24423 was published on Apr 22, 2022

A vulnerability in the packet processing functionality of Cisco TelePresence Collaboration...
High | Unreviewed | CVE-2022-20783 was published on Apr 22, 2022

Typo3 Arbitrary File Delete
Moderate | CVE-2011-4902 was published for typo3/cms (Composer) on Apr 22, 2022

Typo3 Improper Access Control
Moderate | CVE-2011-4904 was published for typo3/cms (Composer) on Apr 22, 2022

In gksu-polkit before 0.0.3, the source file for xauth may contain arbitrary commands that may...
Critical | Unreviewed | CVE-2011-0703 was published on Apr 22, 2022

nginx http proxy module does not verify peer identity of https origin server which could...
Moderate | Unreviewed | CVE-2011-4968 was published on Apr 22, 2022

tog-Pegasus has a package hash collision DoS vulnerability
High | Unreviewed | CVE-2011-4967 was published on Apr 22, 2022

ktsuss versions 1.4 and prior spawns the GTK interface to run as root. This can allow a local...
High | Unreviewed | CVE-2011-2922 was published on Apr 22, 2022

Weborf before 0.12.5 is affected by a Denial of Service (DOS) due to malformed fields in HTTP.
High | Unreviewed | CVE-2011-0529 was published on Apr 22, 2022

Smarty3 Arbitrary PHP Code Execution
Critical | CVE-2011-1028 was published for smarty/smarty (Composer) on Apr 22, 2022

Yubico PAM Module before 2.10 performed user authentication when 'use_first_pass' PAM...
Critical | Unreviewed | CVE-2011-4120 was published on Apr 22, 2022

The news module in CMSMS before 1.9.4.3 allows remote attackers to corrupt new articles.
High | Unreviewed | CVE-2011-4310 was published on Apr 22, 2022

Input validation issues were found in Calibre at devices/linux_mount_helper.c which can lead to...
Critical | Unreviewed | CVE-2011-4124 was published on Apr 22, 2022

Missing input validation can lead to command execution in composer
High | CVE-2022-24828 was published for composer/composer (Composer) on Apr 22, 2022

Improper Input Validation in GeoServer
High | CVE-2022-24847 was published for org.geoserver:gs-main (Maven) on Apr 22, 2022

Insufficient type validation in pocketmine/pocketmine-mp
High | GHSA-g5rr-p69h-7v3g was published for pocketmine/pocketmine-mp (Composer) on Apr 22, 2022

A potential vulnerability due to improper buffer validation in the SMI handler...
High | Unreviewed | CVE-2022-1108 was published on Apr 23, 2022

A potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler in some...
High | Unreviewed | CVE-2022-1107 was published on Apr 23, 2022

A potential vulnerability in the SMI callback function used in the SMBIOS event log driver in...
High | Unreviewed | CVE-2021-4211 was published on Apr 23, 2022

A potential vulnerability in the SMI callback function used in the Legacy BIOS mode driver in...
High | Unreviewed | CVE-2021-4212 was published on Apr 23, 2022

ProTip! Advisories are also available from the GraphQL API