GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,750
Maven: 5,000+
npm: 4,353
NuGet: 765
pip: 4,114
Pub: 12
RubyGems: 960
Rust: 1,069
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

305,681 advisories

Improper input validation in the Intel(R) CSME installer software before version 2328.5.5.0 may...
Moderate | Unreviewed | CVE-2023-32633 was published Mar 14, 2024

Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/contact.php.
Critical | Unreviewed | CVE-2025-63453 was published Nov 3, 2025

An issue in NetSurf v.3.11 allows a remote attacker to execute arbitrary code via the...
Moderate | Unreviewed | CVE-2024-51317 was published Nov 3, 2025

A remote code execution (RCE) vulnerability in the Postgres Drivers component of iceScrum v7.54...
High | Unreviewed | CVE-2025-60785 was published Nov 3, 2025

NetSurf 3.11 is vulnerable to Use After Free in dom_node_set_text_content function.
Moderate | Unreviewed | CVE-2025-29699 was published Nov 3, 2025

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP...
High | Unreviewed | CVE-2023-47235 was published Nov 3, 2023

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a...
High | Unreviewed | CVE-2023-47234 was published Nov 3, 2023

There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1...
High | Unreviewed | CVE-2022-28739 was published May 10, 2022

A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root...
Moderate | Unreviewed | CVE-2022-37705 was published Apr 16, 2023

Broadcom RAID Controller web interface is vulnerable due to an insecure default TLS configuration...
High | Unreviewed | CVE-2023-4331 was published Aug 15, 2023

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP...
Critical | Unreviewed | CVE-2023-4336 was published Aug 15, 2023

Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys...
Moderate | Unreviewed | CVE-2023-4327 was published Aug 15, 2023

Read out-of-bounds in PJSUA API when calling pjsua_recorder_create. An attacker-controlled ...
Critical | Unreviewed | CVE-2021-43302 was published Feb 17, 2022

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to the use of strdup with a...
High | Unreviewed | CVE-2022-26126 was published Mar 4, 2022

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the...
High | Unreviewed | CVE-2022-26129 was published Mar 4, 2022

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site...
Moderate | Unreviewed | CVE-2022-31629 was published Sep 29, 2022

BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because...
High | Unreviewed | CVE-2022-39176 was published Sep 3, 2022

An issue was discovered in bgpd in FRRouting (FRR) 8.3. In bgp_notify_send_with_data() and...
High | Unreviewed | CVE-2022-37035 was published Aug 3, 2022

In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An...
Low | Unreviewed | CVE-2022-37703 was published Sep 14, 2022

BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because...
High | Unreviewed | CVE-2022-39177 was published Sep 3, 2022

Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known...
Critical | Unreviewed | CVE-2023-4325 was published Aug 15, 2023

In Eternal Terminal 6.2.1, etserver and etclient have world-readable logfiles.
Moderate | Unreviewed | CVE-2022-48258 was published Jan 13, 2023

Tinyproxy commit 84f203f and earlier does not process HTTP request lines in the process_request()...
High | Unreviewed | CVE-2022-40468 was published Sep 20, 2022

In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp.
Moderate | Unreviewed | CVE-2022-48257 was published Jan 13, 2023

sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script ...
High | Unreviewed | CVE-2012-1823 was published May 14, 2022

ProTip! Advisories are also available from the GraphQL API