Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

53 advisories

Loading
The Multipass service was found to have code paths that could be abused to cause a denial of... Critical Unreviewed
CVE-2022-27889 was published Jun 15, 2022
A vulnerability found in postgresql. On this security issue an attack requires permission to... High Unreviewed
CVE-2022-2625 was published Aug 19, 2022
There was a man-in-the-middle (MITM) vulnerability present in the Confluence Previews plugin in... Moderate Unreviewed
CVE-2019-15006 was published May 24, 2022
An issue was discovered in Thunar before 4.16.7 and 4.17.x before 4.17.2. When called with a... Critical Unreviewed
CVE-2021-32563 was published May 24, 2022
CrafterCMS OS Command Injection vulnerability High
CVE-2022-40635 was published for org.craftercms:craftercms (Maven) Sep 14, 2022
A vulnerability in the command-line interface in Brocade Fabric OS before Brocade Fabric OS v8.2... Moderate Unreviewed
CVE-2020-15372 was published May 24, 2022
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an... Critical Unreviewed
CVE-2020-3419 was published May 24, 2022
Attacker might be able to execute malicious Perl code in the Template toolkit, by having the... High Unreviewed
CVE-2022-39051 was published Sep 6, 2022
There is an Improper Control of Dynamically Managing Code Resources Vulnerability in Huawei... Critical Unreviewed
CVE-2021-22387 was published May 24, 2022
vm2 vulnerable to Sandbox Escape resulting in Remote Code Execution on host Critical
CVE-2022-36067 was published for vm2 (npm) Sep 28, 2022
oxeye-gal oxeye-yuval
oxeye-daniel
Misuse of `Reference` and other transferable APIs may lead to access to nodejs isolate High
CVE-2021-21413 was published for isolated-vm (npm) Apr 6, 2021
vdata1 cristianstaicu
Improper Control of Dynamically-Managed Code Resources in Crafter CMS Crafter Studio High
CVE-2020-25803 was published for org.craftercms:crafter-studio (Maven) Feb 9, 2022
Use of Potentially Dangerous Function in mixme High
CVE-2021-29491 was published for mixme (npm) May 6, 2021
CySirX
Improper Control of Dynamically-Managed Code Resources in Crafter CMS Crafter Studio High
CVE-2020-25802 was published for org.craftercms:crafter-studio (Maven) Feb 9, 2022
Header dropping in traefik Moderate
CVE-2021-32813 was published for github.com/traefik/traefik (Go) Aug 5, 2021
Authenticated administrators may modify the main YAML configuration file and load a Java class... High Unreviewed
CVE-2021-23262 was published Dec 3, 2021
Authenticated users with Administrator or Developer roles may execute OS commands by SPEL... High Unreviewed
CVE-2021-23258 was published Dec 3, 2021
Authenticated users with Administrator or Developer roles may execute OS commands by Groovy... High Unreviewed
CVE-2021-23259 was published Dec 3, 2021
Prototype Pollution in config-handler Critical
CVE-2021-23448 was published for config-handler (npm) Oct 12, 2021
Improper Access Control of Dynamically-Managed Code Resources (DLL) in Thales Sentinel Protection... High Unreviewed
CVE-2021-42809 was published Dec 21, 2021
A vulnerability in the Fibre Channel over Ethernet (FCoE) N-port Virtualization (NPV) protocol... High Unreviewed
CVE-2019-1617 was published May 13, 2022
A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS... Moderate Unreviewed
CVE-2019-1595 was published May 13, 2022
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows... Critical Unreviewed
CVE-2014-9852 was published May 14, 2022
In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they... High Unreviewed
CVE-2022-25265 was published Feb 17, 2022
sqlite vulnerable to code execution due to Object coercion High
CVE-2022-43441 was published for sqlite3 (npm) Mar 13, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database