GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
18 advisories
burn allows file names to escape via mishandled quotation marks
Critical | Unreviewed | CVE-2009-5043 was published Apr 21, 2022
A missing error check exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera...
Critical | Unreviewed | CVE-2017-2877 was published May 13, 2022
VeryNginx 0.3.3 allows remote attackers to bypass the Web Application Firewall feature because...
Critical | Unreviewed | CVE-2018-19991 was published May 13, 2022
A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in...
Critical | Unreviewed | CVE-2019-6256 was published May 13, 2022
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code...
Critical | Unreviewed | CVE-2019-12815 was published May 24, 2022
Improper handling of length parameter inconsistency vulnerability in Mitsubishi Electric FA...
Critical | Unreviewed | CVE-2021-20588 was published May 24, 2022
An improper handling of exceptional conditions vulnerability exists in Open Design Alliance ODA...
Critical | Unreviewed | CVE-2021-43272 was published May 24, 2022
MISP before 2.4.166 unsafely allows users to use the order parameter, related to app/Model...
Critical | Unreviewed | CVE-2022-48329 was published Feb 20, 2023
app/Controller/Component/IndexFilterComponent.php in MISP before 2.4.167 mishandles...
Critical | Unreviewed | CVE-2022-48328 was published Feb 20, 2023
Improper Handling of Parameters vulnerability in BG-TEK COSLAT Firewall allows Remote Code...
Critical | Unreviewed | CVE-2021-4105 was published Feb 24, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical | Unreviewed | CVE-2022-23121 was published Mar 28, 2023
Due to insufficient file permissions, unprivileged users could gain access to unencrypted...
Critical | Unreviewed | CVE-2023-21409 was published Aug 3, 2023
Due to insufficient file permissions, unprivileged users could gain access to unencrypted user...
Critical | Unreviewed | CVE-2023-21408 was published Aug 3, 2023
bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a ...
Critical | Unreviewed | CVE-2023-38406 was published Nov 6, 2023
In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because...
Critical | Unreviewed | CVE-2023-47100 was published Dec 3, 2023
An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. One incorrect handshake could...
Critical | Unreviewed | CVE-2021-42141 was published Jan 23, 2024
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers...
Critical | Unreviewed | CVE-2021-42142 was published Jan 24, 2024
Incomplete WebAssembly exception handling could have led to a use-after-free. This vulnerability...
Critical | Unreviewed | CVE-2024-7521 was published Aug 6, 2024