GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,869
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,122
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,020
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
4,554 advisories
A potential vulnerability in LenovoVariable SMI Handler due to insufficient validation in some...
High | Unreviewed | CVE-2021-3970 was published Apr 23, 2022

A potential vulnerability in the SMI callback function used in the SMBIOS event log driver in...
High | Unreviewed | CVE-2021-4211 was published Apr 23, 2022

A potential vulnerability in the SMI callback function used in the Legacy BIOS mode driver in...
High | Unreviewed | CVE-2021-4212 was published Apr 23, 2022

A potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler in some...
High | Unreviewed | CVE-2022-1107 was published Apr 23, 2022

A potential vulnerability due to improper buffer validation in the SMI handler...
High | Unreviewed | CVE-2022-1108 was published Apr 23, 2022

The news module in CMSMS before 1.9.4.3 allows remote attackers to corrupt new articles.
High | Unreviewed | CVE-2011-4310 was published Apr 22, 2022

ktsuss versions 1.4 and prior spawns the GTK interface to run as root. This can allow a local...
High | Unreviewed | CVE-2011-2922 was published Apr 22, 2022

Weborf before 0.12.5 is affected by a Denial of Service (DOS) due to malformed fields in HTTP.
High | Unreviewed | CVE-2011-0529 was published Apr 22, 2022

tog-Pegasus has a package hash collision DoS vulnerability
High | Unreviewed | CVE-2011-4967 was published Apr 22, 2022

A vulnerability in the packet processing functionality of Cisco TelePresence Collaboration...
High | Unreviewed | CVE-2022-20783 was published Apr 22, 2022

Dell EMC iDRAC8 versions 2.81.81 and earlier contain a denial of service vulnerability. A remote...
High | Unreviewed | CVE-2022-24423 was published Apr 22, 2022

rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can...
High | Unreviewed | CVE-2010-2061 was published Apr 21, 2022

Mapserver 5.2, 5.4 and 5.6 before 5.6.5-2 improperly validates symbol index values during Mapfile...
High | Unreviewed | CVE-2010-1678 was published Apr 21, 2022

SAS Drug Development (SDD) before 32DRG02 mishandles logout actions, which allows a user (who was...
High | Unreviewed | CVE-2007-6763 was published Apr 21, 2022

There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su -...
High | Unreviewed | CVE-2005-4890 was published Apr 21, 2022

Improper input validation vulnerability in XPLATFORM's execBrowser method can cause execute...
High | Unreviewed | CVE-2021-26626 was published Apr 20, 2022

A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS XE Software could...
High | Unreviewed | CVE-2022-20676 was published Apr 16, 2022

A vulnerability in the IPSec decryption routine of Cisco IOS XE Software could allow an...
High | Unreviewed | CVE-2022-20679 was published Apr 16, 2022

An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of input validation in...
High | Unreviewed | CVE-2021-44483 was published Apr 16, 2022

An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of parameter validation in...
High | Unreviewed | CVE-2021-44481 was published Apr 16, 2022

An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of input validation in...
High | Unreviewed | CVE-2021-44482 was published Apr 16, 2022

Notable before 1.9.0-beta.8 doesn't effectively prevent the opening of executable files when...
High | Unreviewed | CVE-2022-29281 was published Apr 16, 2022

Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser...
High | Unreviewed | CVE-2021-44355 was published Apr 15, 2022

Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser...
High | Unreviewed | CVE-2021-44354 was published Apr 15, 2022

Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser...
High | Unreviewed | CVE-2021-44356 was published Apr 15, 2022

ProTip! Advisories are also available from the GraphQL API.