GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,285
Erlang: 31
GitHub Actions: 21
Go: 2,056
Maven: 5,000+
npm: 3,741
NuGet: 668
pip: 3,422
Pub: 12
RubyGems: 892
Rust: 875
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
93,924 advisories
Belledonne Belle-sip before 4.5.20, as used in Linphone and other products, can crash via an...
High | Unreviewed | CVE-2021-33056 was published May 24, 2022
Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0...
High | Unreviewed | CVE-2020-12109 was published May 24, 2022
NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmiFlash, where a local user with...
High | Unreviewed | CVE-2022-42276 was published Jan 13, 2023
RHACM: unauthenticated SSRF in console API endpoint. A Server-Side Request Forgery (SSRF)...
High | Unreviewed | CVE-2022-3841 was published Jan 13, 2023
NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a...
High | Unreviewed | CVE-2022-42272 was published Jan 13, 2023
NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject...
High | Unreviewed | CVE-2022-42279 was published Jan 13, 2023
NVIDIA BMC contains a vulnerability in libwebsocket, where an authorized attacker can cause a...
High | Unreviewed | CVE-2022-42273 was published Jan 13, 2023
NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject...
High | Unreviewed | CVE-2022-42290 was published Jan 13, 2023
H C Mingham-Smith Ltd - Tardis 2000 Privilege escalation. Version 1.6 is vulnerable to privilege...
High | Unreviewed | CVE-2022-39182 was published Jan 12, 2023
There is an OS Command Injection in Mida eFramework through 2.9.0 that allows an attacker to...
High | Unreviewed | CVE-2020-15920 was published May 24, 2022
NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before...
High | Unreviewed | CVE-2022-41741 was published Oct 20, 2022
NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before...
High | Unreviewed | CVE-2022-41742 was published Oct 20, 2022
In the Linux kernel before 5.3.4, a reference count usage error in the fib6_rule_suppress()...
High | Unreviewed | CVE-2019-18198 was published May 24, 2022
** DISPUTED ** Insecure folder permissions in the Windows installation path of Shibboleth Service...
High | Unreviewed | CVE-2023-22947 was published Jan 11, 2023
Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an...
High | Unreviewed | CVE-2021-37150 was published Aug 11, 2022
Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server...
High | Unreviewed | CVE-2022-28129 was published Aug 11, 2022
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ...
High | Unreviewed | CVE-2017-16302 was published Jan 12, 2023
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ...
High | Unreviewed | CVE-2017-16303 was published Jan 12, 2023
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ...
High | Unreviewed | CVE-2017-16322 was published Jan 12, 2023
Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson...
High | Unreviewed | CVE-2021-36204 was published Jan 13, 2023
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied...
High | Unreviewed | CVE-2022-41778 was published Jan 13, 2023
The APDFL.dll contains a memory corruption vulnerability while parsing specially crafted PDF...
High | Unreviewed | CVE-2022-3161 was published Jan 13, 2023
Authenticated mail users, under specific circumstances, could add files with unsanitized content...
High | Unreviewed | CVE-2022-42136 was published Jan 13, 2023
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ...
High | Unreviewed | CVE-2017-16267 was published Jan 12, 2023
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version...
High | Unreviewed | CVE-2023-22601 was published Jan 13, 2023
ProTip! Advisories are also available from the GraphQL API.