Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+

422 advisories

Loading
Uncaught exception in the FCS Server software maintained by Intel before version 1.1.79.3 may... Moderate Unreviewed
CVE-2022-36287 was published Feb 16, 2023
A vulnerability in class-of-service (CoS) queue management in Juniper Networks Junos OS on the... High Unreviewed
CVE-2023-22391 was published Jan 13, 2023
An improper handling of exceptional conditions vulnerability in Trend Micro Apex One and Apex One... High Unreviewed
CVE-2022-44652 was published Dec 12, 2022
Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in... Low Unreviewed
CVE-2022-39912 was published Dec 8, 2022
go-merkledag's ProtoNode may be modified such that common method calls may panic High
CVE-2022-23495 was published for github.com/ipfs/go-merkledag (Go) Dec 8, 2022
mrd0ll4r
Yauaa vulnerable to ArrayIndexOutOfBoundsException triggered by a crafted Sec-Ch-Ua-Full-Version-List High
CVE-2022-23496 was published for nl.basjes.parse.useragent:yauaa (Maven) Dec 8, 2022
Redmine 5.x before 5.0.4 allows downloading of file attachments of any Issue or any Wiki page due... High Unreviewed
CVE-2022-44030 was published Dec 7, 2022
nadesiko3 allows remote attacker to inject invalid value to decodeURIComponent of nako3edit Moderate
CVE-2022-41777 was published for nadesiko3 (npm) Dec 5, 2022
A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC)... High Unreviewed
CVE-2022-20854 was published Nov 16, 2022
Improper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to SMR Nov-2022... Low Unreviewed
CVE-2022-39886 was published Nov 10, 2022
Improper access control vulnerability in BootCompletedReceiver_CMCC in DeviceManagement prior to... Low Unreviewed
CVE-2022-39885 was published Nov 10, 2022
A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel... High Unreviewed
CVE-2022-35268 was published Oct 25, 2022
An unhandled exception in job log parsing in GitLab CE/EE affecting all versions prior to 15.2.5,... Moderate Unreviewed
CVE-2022-3279 was published Oct 17, 2022
lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call... Moderate Unreviewed
CVE-2022-33748 was published Oct 11, 2022
A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could... High Unreviewed
CVE-2022-20920 was published Oct 11, 2022
Traefik HTTP/2 connections management could cause a denial of service High
CVE-2022-39271 was published for github.com/traefik/traefik/v2 (Go) Oct 10, 2022
In wlan, there is a possible use after free due to an incorrect status check. This could lead to... Moderate Unreviewed
CVE-2022-32590 was published Oct 8, 2022
Improper restriction of broadcasting Intent in ShareLive prior to version 13.2.03.5 leaks MAC... Low Unreviewed
CVE-2022-39872 was published Oct 7, 2022
A maliciously crafted MODEL and SLDPRT file can be used to write beyond the allocated buffer... High Unreviewed
CVE-2022-33886 was published Oct 4, 2022
A maliciously crafted PDF file when parsed through Autodesk AutoCAD 2023 causes an unhandled... High Unreviewed
CVE-2022-33887 was published Oct 4, 2022
A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are... High Unreviewed
CVE-2022-20919 was published Oct 1, 2022
rdiffweb Missing Custom Error Page Moderate
CVE-2022-3175 was published for rdiffweb (pip) Sep 14, 2022
Under certain conditions, the application SAP BusinessObjects Business Intelligence Platform ... Moderate Unreviewed
CVE-2022-35295 was published Sep 14, 2022
Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to... Moderate Unreviewed
CVE-2022-36874 was published Sep 10, 2022
** UNSUPPORTED WHEN ASSIGNED ** sys/netinet/tcp_timer.h in FreeBSD before 7.0 contains a denial... High Unreviewed
CVE-2022-32264 was published Sep 7, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database