GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
18 advisories
Filter by severity
burn allows file names to escape via mishandled quotation marks
Critical
Unreviewed
CVE-2009-5043
was published
Apr 21, 2022
A missing error check exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera...
Critical
Unreviewed
CVE-2017-2877
was published
May 13, 2022
VeryNginx 0.3.3 allows remote attackers to bypass the Web Application Firewall feature because...
Critical
Unreviewed
CVE-2018-19991
was published
May 13, 2022
A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in...
Critical
Unreviewed
CVE-2019-6256
was published
May 13, 2022
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code...
Critical
Unreviewed
CVE-2019-12815
was published
May 24, 2022
Improper handling of length parameter inconsistency vulnerability in Mitsubishi Electric FA...
Critical
Unreviewed
CVE-2021-20588
was published
May 24, 2022
An improper handling of exceptional conditions vulnerability exists in Open Design Alliance ODA...
Critical
Unreviewed
CVE-2021-43272
was published
May 24, 2022
MISP before 2.4.166 unsafely allows users to use the order parameter, related to app/Model...
Critical
Unreviewed
CVE-2022-48329
was published
Feb 20, 2023
app/Controller/Component/IndexFilterComponent.php in MISP before 2.4.167 mishandles...
Critical
Unreviewed
CVE-2022-48328
was published
Feb 20, 2023
Improper Handling of Parameters vulnerability in BG-TEK COSLAT Firewall allows Remote Code...
Critical
Unreviewed
CVE-2021-4105
was published
Feb 24, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical
Unreviewed
CVE-2022-23121
was published
Mar 28, 2023
Due to insufficient file permissions, unprivileged users could gain access to unencrypted...
Critical
Unreviewed
CVE-2023-21409
was published
Aug 3, 2023
Due to insufficient file permissions, unprivileged users could gain access to unencrypted user...
Critical
Unreviewed
CVE-2023-21408
was published
Aug 3, 2023
bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a ...
Critical
Unreviewed
CVE-2023-38406
was published
Nov 6, 2023
In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because...
Critical
Unreviewed
CVE-2023-47100
was published
Dec 3, 2023
An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. One incorrect handshake could...
Critical
Unreviewed
CVE-2021-42141
was published
Jan 23, 2024
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers...
Critical
Unreviewed
CVE-2021-42142
was published
Jan 24, 2024
Incomplete WebAssembly exception handing could have led to a use-after-free. This vulnerability...
Critical
Unreviewed
CVE-2024-7521
was published
Aug 6, 2024
ProTip!
Advisories are also available from the
GraphQL API