Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

25 advisories

Loading
The Multipass service was found to have code paths that could be abused to cause a denial of... Critical Unreviewed
CVE-2022-27889 was published Jun 15, 2022
A vulnerability found in postgresql. On this security issue an attack requires permission to... High Unreviewed
CVE-2022-2625 was published Aug 19, 2022
There was a man-in-the-middle (MITM) vulnerability present in the Confluence Previews plugin in... Moderate Unreviewed
CVE-2019-15006 was published May 24, 2022
An issue was discovered in Thunar before 4.16.7 and 4.17.x before 4.17.2. When called with a... Critical Unreviewed
CVE-2021-32563 was published May 24, 2022
A vulnerability in the command-line interface in Brocade Fabric OS before Brocade Fabric OS v8.2... Moderate Unreviewed
CVE-2020-15372 was published May 24, 2022
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an... Critical Unreviewed
CVE-2020-3419 was published May 24, 2022
Attacker might be able to execute malicious Perl code in the Template toolkit, by having the... High Unreviewed
CVE-2022-39051 was published Sep 6, 2022
There is an Improper Control of Dynamically Managing Code Resources Vulnerability in Huawei... Critical Unreviewed
CVE-2021-22387 was published May 24, 2022
Authenticated administrators may modify the main YAML configuration file and load a Java class... High Unreviewed
CVE-2021-23262 was published Dec 3, 2021
Authenticated users with Administrator or Developer roles may execute OS commands by SPEL... High Unreviewed
CVE-2021-23258 was published Dec 3, 2021
Authenticated users with Administrator or Developer roles may execute OS commands by Groovy... High Unreviewed
CVE-2021-23259 was published Dec 3, 2021
Improper Access Control of Dynamically-Managed Code Resources (DLL) in Thales Sentinel Protection... High Unreviewed
CVE-2021-42809 was published Dec 21, 2021
A vulnerability in the Fibre Channel over Ethernet (FCoE) N-port Virtualization (NPV) protocol... High Unreviewed
CVE-2019-1617 was published May 13, 2022
A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS... Moderate Unreviewed
CVE-2019-1595 was published May 13, 2022
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows... Critical Unreviewed
CVE-2014-9852 was published May 14, 2022
In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they... High Unreviewed
CVE-2022-25265 was published Feb 17, 2022
CrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically... Critical Unreviewed
CVE-2023-43177 was published Nov 18, 2023
An information disclosure vulnerability exists when the Windows GDI component improperly... Moderate Unreviewed
CVE-2020-1091 was published May 24, 2022
An information disclosure vulnerability exists when the Windows GDI component improperly... Moderate Unreviewed
CVE-2020-1097 was published May 24, 2022
NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a dynamic variable... High Unreviewed
CVE-2023-31032 was published Jan 12, 2024
GitHub Enterprise before 20120304 does not properly restrict the use of a hash to provide values... Moderate Unreviewed
CVE-2012-2055 was published May 17, 2022
Cross SiteScripting vulnerability in Citrix Session Recording allows attacker to perform Cross... Moderate Unreviewed
CVE-2023-6184 was published Jan 18, 2024
Improper Control of Dynamically-Managed Code Resources vulnerability in Logitech Logi Tune on... Moderate Unreviewed
CVE-2024-2537 was published Mar 15, 2024
A vulnerability that poses a potential risk of polluting the MXsecurity sqlite database and the... Moderate Unreviewed
CVE-2023-39983 was published Sep 2, 2023
Langflow versions prior to 1.0.13 suffer from a Privilege Escalation vulnerability, allowing a... High Unreviewed
CVE-2024-7297 was published Jul 30, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database