GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
571 advisories
ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers,...
High · Unreviewed · CVE-2019-10953 was published May 13, 2022
The jv_dump_term function in jq 1.5 allows remote attackers to cause a denial of service (stack...
High · Unreviewed · CVE-2016-4074 was published May 13, 2022
A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS...
High · Unreviewed · CVE-2019-1737 was published May 13, 2022
The _zip_read_eocd64 function in zip_open.c in libzip before 1.3.0 mishandles EOCD records, which...
Moderate · Unreviewed · CVE-2017-14107 was published May 13, 2022
A Remote Code Execution vulnerability in lmgrd and vendor daemon components of FlexNet Publisher...
Critical · Unreviewed · CVE-2018-20033 was published May 13, 2022
It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial...
Moderate · Unreviewed · CVE-2018-16846 was published May 13, 2022
An issue has been discovered in GitLab affecting all versions starting from 13.9 before 14.8.6,...
High · Unreviewed · CVE-2022-1510 was published May 12, 2022
An issue has been discovered in GitLab affecting all versions before 14.8.6, all versions...
Moderate · Unreviewed · CVE-2022-1428 was published May 12, 2022
Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin is vulnerable to Buffer Overflow. The stack...
High · Unreviewed · CVE-2022-28556 was published May 5, 2022
A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD)...
High · Unreviewed · CVE-2022-20767 was published May 4, 2022
A vulnerability in the connection handling function in Cisco Firepower Threat Defense (FTD)...
High · Unreviewed · CVE-2022-20757 was published May 4, 2022
A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD...
High · Unreviewed · CVE-2022-20751 was published May 4, 2022
relan exFAT 1.3.0 allows local users to obtain sensitive information (data from deleted files in...
Moderate · Unreviewed · CVE-2022-29973 was published May 3, 2022
PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created...
Moderate · Unreviewed · CVE-2009-4017 was published May 2, 2022
The SIP channel driver in Asterisk Open Source 1.2.x before 1.2.34, 1.4.x before 1.4.26.1, 1.6.0...
High · Unreviewed · CVE-2009-2726 was published May 2, 2022
Opera, possibly 9.64 and earlier, allows remote attackers to cause a denial of service (memory...
Moderate · Unreviewed · CVE-2009-2540 was published May 2, 2022
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6...
High · Unreviewed · CVE-2009-2054 was published May 2, 2022
The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the...
Moderate · Unreviewed · CVE-2008-2364 was published May 1, 2022
The Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2,...
High · Unreviewed · CVE-2008-1700 was published May 1, 2022
Joomla! 1.03 does not restrict the number of "Search" Mambots, which allows remote attackers to...
Moderate · Unreviewed · CVE-2005-4650 was published May 1, 2022
Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote...
Moderate · Unreviewed · CVE-2005-2970 was published May 1, 2022
iptables before 1.2.4 does not accurately convert rate limits that are specified on the command...
Moderate · Unreviewed · CVE-2001-1388 was published Apr 30, 2022
A lack of rate limiting in the 'forgot password' feature of Zammad v5.1.0 allows attackers to...
High · Unreviewed · CVE-2022-29701 was published Apr 28, 2022
A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP...
High · Unreviewed · CVE-2022-22278 was published Apr 28, 2022
encoding/pem in Go before 1.17.9 and 1.8.x before 1.8.1 has a Decode stack overflow via a large...
High · Unreviewed · CVE-2022-24675 was published Apr 21, 2022
ProTip! Advisories are also available from the GraphQL API.