Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,984
Maven
5,000+
npm
3,701
NuGet
657
pip
3,325
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

332 advisories

Loading
Pyopenssl Incorrect Memory Management High
CVE-2018-1000808 was published for pyopenssl (pip) Oct 10, 2018
Improper Resource Shutdown or Release in HashiCorp Vault High
CVE-2020-7220 was published for github.com/hashicorp/vault (Go) Jul 28, 2021
Improper Resource Shutdown or Release in TYPO3 extension High
CVE-2021-38623 was published for webcoast/deferred-image-processing (Composer) Aug 30, 2021
The TCP Server module in toxcore before 0.2.8 doesn't free the TCP priority queue under certain... High Unreviewed
CVE-2018-25021 was published Dec 14, 2021
HDF5 1.13.1-1 is affected by: segmentation fault, which causes a Denial of Service. Moderate Unreviewed
CVE-2021-45829 was published Jan 4, 2022
Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information... Moderate Unreviewed
CVE-2021-28715 was published Jan 7, 2022
Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information... Moderate Unreviewed
CVE-2021-28714 was published Jan 7, 2022
Duktape v2.99.99 was discovered to contain a SEGV vulnerability via the component duk_push_tval... Moderate Unreviewed
CVE-2021-46322 was published Jan 21, 2022
On BIG-IP versions 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all... High Unreviewed
CVE-2022-23010 was published Jan 26, 2022
A DoS attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote... High Unreviewed
CVE-2021-41441 was published Feb 10, 2022
Puma used with Rails may lead to Information Exposure High
CVE-2022-23634 was published for puma (RubyGems) Feb 11, 2022
byroot
Denial of Service in Packetbeat High
CVE-2017-11480 was published for github.com/elastic/beats (Go) Feb 15, 2022
Tor Browser 9.0.7 on Windows 10 build 10586 is vulnerable to information disclosure. This could... Moderate Unreviewed
CVE-2021-46702 was published Feb 27, 2022
TeamViewer Linux versions before 15.28 do not properly execute a deletion command for the... Moderate Unreviewed
CVE-2022-23242 was published Mar 24, 2022
BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND... Moderate Unreviewed
CVE-2022-0396 was published Mar 24, 2022
A vulnerability, which was classified as problematic, was found in Shemes GrabIt up to 1.7.2 Beta... Moderate Unreviewed
CVE-2010-10001 was published Mar 29, 2022
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in WEKA INTEREST Security Scanner 1.8.... Moderate Unreviewed
CVE-2017-20011 was published Mar 29, 2022
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, has been... Moderate Unreviewed
CVE-2017-20014 was published Mar 29, 2022
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, was found... Moderate Unreviewed
CVE-2017-20015 was published Mar 29, 2022
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic was found in WEKA... Moderate Unreviewed
CVE-2017-20013 was published Mar 29, 2022
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic has been found in WEKA... Moderate Unreviewed
CVE-2017-20012 was published Mar 29, 2022
A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this... Moderate Unreviewed
CVE-2022-1210 was published Apr 4, 2022
A denial of service vulnerability exists in the cgiserver.cgi Upgrade API functionality of... Moderate Unreviewed
CVE-2021-40405 was published Apr 15, 2022
Resource leakage when decoding certificates and keys High
CVE-2022-1473 was published for openssl-src (Rust) May 4, 2022
pinkforest
The unity-firefox-extension package could be tricked into destroying the Unity webapps context,... Moderate Unreviewed
CVE-2013-1054 was published May 5, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database