Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,121
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

387 advisories

Loading
The do_task_stat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not... Low Unreviewed
CVE-2011-0726 was published May 17, 2022
Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and... Low Unreviewed
CVE-2011-3872 was published May 14, 2022
The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x... Low Unreviewed
CVE-2011-4415 was published May 17, 2022
The cleanup_journal_tail function in the Journaling Block Device (JBD) functionality in the Linux... Low Unreviewed
CVE-2011-4132 was published May 14, 2022
The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP... Low Unreviewed
CVE-2012-0021 was published May 4, 2022
The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool ... Low Unreviewed
CVE-2011-2503 was published May 17, 2022
The Sleuth Kit (TSK) 4.0.1 does not properly handle "." (dotfile) file system entries in FAT file... Low Unreviewed
CVE-2012-5619 was published May 17, 2022
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows... Low Unreviewed
CVE-2014-0476 was published May 17, 2022
The Core Server in OpenAM 9.5.3 through 9.5.5, 10.0.0 through 10.0.2, 10.1.0-Xpress, and 11.0.0... Low Unreviewed
CVE-2014-7246 was published May 17, 2022
mbae.sys in Malwarebytes Anti-Exploit before 1.05.1.2014 allows local users to cause a denial of... Low Unreviewed
CVE-2014-100039 was published May 17, 2022
The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL 1.0.2 before 1.0.2a, when... Low Unreviewed
CVE-2015-1787 was published May 14, 2022
Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60... Low Unreviewed
CVE-2015-3245 was published May 14, 2022
The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous... Low Unreviewed
CVE-2015-6563 was published May 14, 2022
ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating... Low Unreviewed
CVE-2016-6224 was published May 17, 2022
Insufficient validation of filenames against control characters in Apache Subversion repositories... Low Unreviewed
CVE-2024-46901 was published Dec 9, 2024
Libmenu-cache 1.0.2 insecurely uses /tmp for a socket file, allowing a local user to cause a... Low Unreviewed
CVE-2017-8933 was published May 17, 2022
In multiple locations, there is a possible display crash loop due to improper input validation.... Low Unreviewed
CVE-2022-20543 was published Dec 19, 2022
Insecure Direct Object Reference (IDOR) vulnerability in the eSignaViewer component in eSigna... Low Unreviewed
CVE-2025-4762 was published May 15, 2025
Spring Framework DataBinder Case Sensitive Match Exception Low
CVE-2025-22233 was published for org.springframework:spring-context (Maven) May 16, 2025
ryanmurf
Philips SureSigns VS4, A.07.107 and prior. The product receives input or data, but it does not... Low Unreviewed
CVE-2020-16237 was published May 24, 2022
anon-vec lacks sufficient checks in public API Low
GHSA-pr59-jjr4-gcf6 was published for anon-vec (Rust) Jun 5, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input. Low Unreviewed
CVE-2025-27242 was published Jun 8, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by an Improper Input Validation... Low Unreviewed
CVE-2025-47096 was published Jun 11, 2025
Grafana long dashboard title or panel name causes unresponsives Low
CVE-2025-1088 was published for github.com/grafana/grafana (Go) Jun 18, 2025
The issue was addressed with improved validation of environment variables. This issue is fixed in... Low Unreviewed
CVE-2023-40394 was published Jan 11, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database