GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,230 advisories
The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1...
High | Unreviewed | CVE-2017-11527 was published May 17, 2022

Regular expression denial of service in react-native
High | CVE-2020-1920 was published for react-native (npm) Jul 20, 2021

The Stars Rating WordPress plugin before 3.5.1 does not validate the submitted rating, allowing...
High | Unreviewed | CVE-2021-24893 was published Jan 4, 2022

The simplepush server iterates through the application installations and pushes a notification to...
High | Unreviewed | CVE-2014-3648 was published Jul 2, 2022

Pexip Infinity before 28.1 allows remote attackers to trigger a software abort via G.719.
High | Unreviewed | CVE-2022-32263 was published Jul 18, 2022

** DISPUTED ** quic-go through 0.27.0 allows remote attackers to cause a denial of service (CPU...
High | Unreviewed | CVE-2022-30591 was published Jul 7, 2022

The __decode_dotted function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS...
High | Unreviewed | CVE-2016-2224 was published May 17, 2022

mongod in MongoDB 2.6, when using 2.4-style users, and 2.4 allow remote attackers to cause a...
High | Unreviewed | CVE-2016-3104 was published May 17, 2022

Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via...
High | Unreviewed | CVE-2022-27937 was published Jul 18, 2022

An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions...
High | Unreviewed | CVE-2016-9367 was published May 17, 2022

The __read_etc_hosts_r function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote...
High | Unreviewed | CVE-2016-2225 was published May 17, 2022

AutomationDirect DirectLOGIC is vulnerable to a specially crafted packet can be sent...
High | Unreviewed | CVE-2022-2004 was published Sep 1, 2022

ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable...
High | Unreviewed | CVE-2022-35404 was published Jul 19, 2022

A vulnerability in the network stack of MikroTik Version 6.38.5 released 2017-03-09 could allow...
High | Unreviewed | CVE-2017-7285 was published May 17, 2022

Memory leak in the NewXMLTree function in magick/xml-tree.c in ImageMagick before 6.9.4-7 allows...
High | Unreviewed | CVE-2016-10047 was published May 17, 2022

An issue was discovered in H96 Smart TV Box H96 Pro Plus allows attackers to corrupt files via...
High | Unreviewed | CVE-2020-21405 was published Jul 21, 2022

The "process-execute" and "process-spawn" procedures did not free memory correctly when the...
High | Unreviewed | CVE-2016-6831 was published May 17, 2022

lite-server vulnerable to Denial of Service
High | CVE-2022-25940 was published for lite-server (Maven) Dec 20, 2022

Samsung Note devices with KK(4.4), L(5.0/5.1), and M(6.0) software allow attackers to crash the...
High | Unreviewed | CVE-2017-5351 was published May 17, 2022

Hyperledger Fabric subject to Denial of Service via non-validated request
High | CVE-2022-35253 was published for github.com/hyperledger/fabric (Go) Sep 25, 2022

A vulnerability in the DHCP processing functionality of Cisco IOS XE Wireless Controller Software...
High | Unreviewed | CVE-2022-20847 was published Oct 1, 2022

SAP NetWeaver AS ABAP, versions 740, 750, 751, 752, 753, 754, 755, allows an unauthenticated...
High | Unreviewed | CVE-2021-21446 was published May 24, 2022

An attacker could use specially crafted invalid Modbus frames to crash the Ovarro TBox system.
High | Unreviewed | CVE-2021-22642 was published Jul 29, 2022

The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2...
High | Unreviewed | CVE-2011-3192 was published May 13, 2022

SAP NetWeaver AS ABAP and ABAP Platform - versions 700, 701, 702, 730, 731, 740, 750, 751, 752,...
High | Unreviewed | CVE-2021-38181 was published May 24, 2022