Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

415 advisories

Loading
Uncaught Exception in zip4j Moderate
CVE-2022-24615 was published for net.lingala.zip4j:zip4j (Maven) Feb 25, 2022
srikanth-lingala
Improper Handling of Exceptional Conditions inn metadata-extractor Moderate
CVE-2022-24613 was published for com.drewnoakes:metadata-extractor (Maven) Feb 25, 2022
ZGorlock
In btif, there is a possible memory corruption due to incorrect error handling. This could lead... Moderate Unreviewed
CVE-2022-20057 was published Mar 11, 2022
NVIDIA DCGM contains a vulnerability in nvhostengine, where a network user can cause detection of... Moderate Unreviewed
CVE-2022-21820 was published Mar 25, 2022
A flaw was found in darkhttpd. Invalid error handling allows remote attackers to cause denial-of... High Unreviewed
CVE-2020-25691 was published Apr 3, 2022
Improper exception handling in Samsung Pass prior to version 3.7.07.5 allows physical attacker to... Moderate Unreviewed
CVE-2022-27841 was published Apr 12, 2022
In atf (hwfde), there is a possible leak of sensitive information due to incorrect error handling... Moderate Unreviewed
CVE-2022-20066 was published Apr 12, 2022
In ged, there is a possible memory corruption due to an incorrect error handling. This could lead... Moderate Unreviewed
CVE-2022-20076 was published Apr 12, 2022
Dell PowerScale OneFS versions 8.2.x - 9.3.0.x contains a denial-of-service vulnerability in... High Unreviewed
CVE-2022-23161 was published Apr 13, 2022
A specially crafted packet sent to the Fernhill SCADA Server Version 3.77 and earlier may cause... High Unreviewed
CVE-2022-21155 was published Apr 13, 2022
An improper handling of exceptional conditions vulnerability exists in the DNS proxy feature of... Moderate Unreviewed
CVE-2022-0023 was published Apr 14, 2022
A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG... High Unreviewed
CVE-2022-25795 was published Apr 14, 2022
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco... High Unreviewed
CVE-2022-20726 was published Apr 16, 2022
A vulnerability in the AppNav-XE feature of Cisco IOS XE Software could allow an unauthenticated,... High Unreviewed
CVE-2022-20678 was published Apr 16, 2022
burn allows file names to escape via mishandled quotation marks Critical Unreviewed
CVE-2009-5043 was published Apr 21, 2022
simpleSAMLphp incorrectly handles XML encryption High
CVE-2011-4625 was published for simplesamlphp/simplesamlphp (Composer) Apr 22, 2022
Denial of Service in http-swagger High
CVE-2022-24863 was published for github.com/swaggo/http-swagger (Go) Apr 22, 2022
pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other... High Unreviewed
CVE-2006-5170 was published May 1, 2022
fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle... Moderate Unreviewed
CVE-2008-4302 was published May 2, 2022
In ion, there is a possible use after free due to incorrect error handling. This could lead to... High Unreviewed
CVE-2022-20111 was published May 4, 2022
In aee driver, there is a possible reference count mistake due to incorrect error handling. This... High Unreviewed
CVE-2022-20088 was published May 4, 2022
A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense (FTD)... Moderate Unreviewed
CVE-2022-20748 was published May 4, 2022
Perdition before 2.2 may have weak security when handling outbound connections, caused by an... Moderate Unreviewed
CVE-2013-4584 was published May 5, 2022
Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to... High Unreviewed
CVE-2022-27167 was published May 11, 2022
Local privilege escalation in Windows products of ESET allows user who is logged into the system... High Unreviewed
CVE-2021-37851 was published May 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database