GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
11,563 advisories
Improper input validation for the Intel(R) Manageability Commander before version 2.2 may allow...
High | Unreviewed | CVE-2021-0126 was published May 13, 2022

Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a...
High | Unreviewed | CVE-2021-0154 was published May 13, 2022

On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an admin user could use the traceroute...
Critical | Unreviewed | CVE-2022-29897 was published May 12, 2022

Due to insufficient input validation, SAP Employee Self Service allows an authenticated attacker...
Moderate | Unreviewed | CVE-2022-29613 was published May 12, 2022

Improper input validation in GitLab CE/EE affecting all versions from 8.12 prior to 14.8.6, all...
Moderate | Unreviewed | CVE-2022-1406 was published May 12, 2022

Improper validation of the BIOS directory may allow for searches to read beyond the directory...
Moderate | Unreviewed | CVE-2021-26388 was published May 12, 2022

Improper validation of destination address in SVC_LOAD_FW_IMAGE_BY_INSTANCE and...
High | Unreviewed | CVE-2021-26370 was published May 11, 2022

In setStream of WallpaperManager.java, there is a possible way to cause a permanent DoS due to...
Moderate | Unreviewed | CVE-2021-39670 was published May 11, 2022

Improper Input Validation in k8s.io/ingress-nginx
High | CVE-2021-25745 was published for k8s.io/ingress-nginx (Go) May 7, 2022

A security issue was discovered in ingress-nginx where a user that can create or update ingress...
High | Unreviewed | CVE-2021-25746 was published May 7, 2022

Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an improper...
High | Unreviewed | CVE-2022-24098 was published May 7, 2022

IBM Robotic Process Automation 21.0.1 and 21.0.2 is vulnerable to External Service Interaction...
High | Unreviewed | CVE-2022-22433 was published May 6, 2022

On 16.1.x versions prior to 16.1.2.2 and 15.1.x versions prior to 15.1.5.1, BIG-IP APM does not...
High | Unreviewed | CVE-2022-27634 was published May 6, 2022

On F5 BIG-IP AFM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x...
High | Unreviewed | CVE-2022-28695 was published May 6, 2022

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2 and 15.1.x versions prior to 15.1.5.1, when a BIG...
Moderate | Unreviewed | CVE-2022-28708 was published May 6, 2022

On F5 BIG-IP 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x...
Moderate | Unreviewed | CVE-2022-29479 was published May 6, 2022

Tenant and Verifier might not use the same registrar data
Critical | CVE-2022-1053 was published for keylime (pip) May 5, 2022

The Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4,...
Moderate | Unreviewed | CVE-2013-0551 was published May 5, 2022

ping.php in Global Console Manager 16 (GCM16) and Global Console Manager 32 (GCM32) before 1.20.0...
High | Unreviewed | CVE-2013-0526 was published May 5, 2022

IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fix 1, 3.4.0 before 3.4.0.6...
Moderate | Unreviewed | CVE-2013-0520 was published May 5, 2022

IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fix 1, 3.4.0 before 3.4.0.6...
Moderate | Unreviewed | CVE-2013-0518 was published May 5, 2022

IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.2.0 does not properly handle device files...
Moderate | Unreviewed | CVE-2013-0500 was published May 5, 2022

IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 before HF69, 9.1.0 before...
Moderate | Unreviewed | CVE-2013-0505 was published May 5, 2022

The ipapwd_chpwop function in daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c in the...
Moderate | Unreviewed | CVE-2013-0336 was published May 5, 2022

Bundler may install gems from a different source than expected
Moderate | CVE-2013-0334 was published for bundler (RubyGems) May 5, 2022

ProTip! Advisories are also available from the GraphQL API.