GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,273
Erlang: 31
GitHub Actions: 21
Go: 2,055
Maven: 5,000+
npm: 3,739
NuGet: 668
pip: 3,417
Pub: 12
RubyGems: 891
Rust: 872
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
800 advisories

The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows...
High | Unreviewed | CVE-2012-5363 was published Apr 23, 2022

A denial of service flaw was found in the way the server component of Freeciv before 2.3.4...
High | Unreviewed | CVE-2012-5645 was published Apr 23, 2022

PyXML: Hash table collisions CPU usage Denial of Service
High | Unreviewed | CVE-2012-0877 was published Apr 23, 2022

A local file inclusion flaw was found in the way the phpLDAPadmin before 0.9.8 processed certain...
High | Unreviewed | CVE-2011-4082 was published Apr 22, 2022

The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send...
High | Unreviewed | CVE-2002-20001 was published Apr 21, 2022

The affected product is vulnerable to a network-based attack by threat actors sending unimpeded...
High | Unreviewed | CVE-2021-43933 was published Apr 21, 2022

An issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it is possible to...
High | Unreviewed | CVE-2022-26498 was published Apr 16, 2022

A vulnerability has been identified in SIMATIC CFU DIQ (All versions), SIMATIC CFU PA (All...
High | Unreviewed | CVE-2022-25622 was published Apr 13, 2022

A vulnerability has been identified in SIMATIC PCS neo (Administration Console) (All versions <...
High | Unreviewed | CVE-2022-27194 was published Apr 13, 2022

A specially crafted packet sent to the Fernhill SCADA Server Version 3.77 and earlier may cause...
High | Unreviewed | CVE-2022-21155 was published Apr 13, 2022

Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager,...
High | Unreviewed | CVE-2022-28773 was published Apr 13, 2022

A potential DoS vulnerability was discovered in Gitlab CE/EE versions 13.7 before 14.7.7, all...
High | Unreviewed | CVE-2022-1174 was published Apr 5, 2022

CAMS for HIS Log Server contained in the following Yokogawa Electric products is vulnerable to...
High | Unreviewed | CVE-2022-22145 was published Mar 12, 2022

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged trusted host user to exploit a...
High | Unreviewed | CVE-2022-22351 was published Mar 8, 2022

regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply...
High | Unreviewed | CVE-2022-24921 was published Mar 6, 2022

A security agent resource exhaustion denial-of-service vulnerability in Trend Micro Apex One,...
High | Unreviewed | CVE-2022-24678 was published Feb 25, 2022

A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0, 5.5.4 and 5.5.2. Mapping...
High | Unreviewed | CVE-2021-4021 was published Feb 25, 2022

The Popup | Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on...
High | Unreviewed | CVE-2022-0214 was published Feb 15, 2022

StarWind iSCSI SAN before 3.5 build 2007-08-09 allows socket exhaustion.
High | Unreviewed | CVE-2007-20001 was published Feb 12, 2022

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can...
High | Unreviewed | CVE-2022-23772 was published Feb 12, 2022

SAP NetWeaver Application Server for ABAP (Kernel) and ABAP Platform (Kernel) - versions KERNEL 7...
High | Unreviewed | CVE-2022-22543 was published Feb 11, 2022

The Zoom Client for Meetings chat functionality was susceptible to Zip bombing attacks in the...
High | Unreviewed | CVE-2022-22780 was published Feb 11, 2022

In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts...
High | Unreviewed | CVE-2021-45960 was published Feb 10, 2022

A CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of...
High | Unreviewed | CVE-2022-22724 was published Feb 6, 2022

MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements...
High | Unreviewed | CVE-2021-46668 was published Feb 2, 2022

ProTip! Advisories are also available from the GraphQL API.