Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

4,554 advisories

Loading
Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser... High Unreviewed
CVE-2021-44394 was published Apr 15, 2022
Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser... High Unreviewed
CVE-2021-44366 was published Apr 15, 2022
Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser... High Unreviewed
CVE-2021-44357 was published Apr 15, 2022
Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser... High Unreviewed
CVE-2021-44375 was published Apr 15, 2022
Citrix XenMobile Server 10.12 through RP11, 10.13 through RP6, and 10.14 through RP4 allows... High Unreviewed
CVE-2022-26151 was published Apr 14, 2022
In the MZ Automation LibIEC61850 in versions prior to 1.5.1 an unauthenticated attacker can craft... High Unreviewed
CVE-2022-1302 was published Apr 13, 2022
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V,... High Unreviewed
CVE-2022-25751 was published Apr 13, 2022
A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE... High Unreviewed
CVE-2022-28328 was published Apr 13, 2022
The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package, however the patch... High Unreviewed
CVE-2021-4047 was published Apr 12, 2022
Improper validation vulnerability in SemSuspendDialogInfo prior to SMR Apr-2022 Release 1 allows... High Unreviewed
CVE-2022-27826 was published Apr 12, 2022
Improper validation vulnerability in MediaMonitorDimension prior to SMR Apr-2022 Release 1 allows... High Unreviewed
CVE-2022-27827 was published Apr 12, 2022
Improper validation vulnerability in VerifyCredentialResponse prior to SMR Apr-2022 Release 1... High Unreviewed
CVE-2022-27829 was published Apr 12, 2022
Improper validation vulnerability in MediaMonitorEvent prior to SMR Apr-2022 Release 1 allows... High Unreviewed
CVE-2022-27828 was published Apr 12, 2022
Improper validation vulnerability in SemBlurInfo prior to SMR Apr-2022 Release 1 allows attackers... High Unreviewed
CVE-2022-27830 was published Apr 12, 2022
Improper boundary check in UWB firmware prior to SMR Apr-2022 Release 1 allows arbitrary memory... High Unreviewed
CVE-2022-27835 was published Apr 12, 2022
Improper Input Validation vulnerability in ABB 800xA, Control Software for AC 800M, Control... High Unreviewed
CVE-2021-22277 was published Apr 3, 2022
An local privilege escalation vulnerability due to a "runasroot" command in eScan Anti-Virus.... High Unreviewed
CVE-2021-26624 was published Apr 3, 2022
Data can be copied without validation in the built-in web server in Moxa NPort IAW5000A-I/O... High Unreviewed
CVE-2021-32970 was published Apr 3, 2022
Improper input validation in all versions of GitLab CE/EE using sendmail to send emails allowed... High Unreviewed
CVE-2022-0741 was published Apr 3, 2022
Improper input validation vulnerability in pfSense CE and pfSense Plus (pfSense CE software... High Unreviewed
CVE-2022-24299 was published Apr 1, 2022
In Settings, there is a possible way to misrepresent which app wants to add a wifi network due to... High Unreviewed
CVE-2021-39771 was published Mar 31, 2022
In Settings, there is a possible way to make the user enable WiFi due to improper input... High Unreviewed
CVE-2021-39763 was published Mar 31, 2022
In Settings, there is a possible way to display an incorrect app name due to improper input... High Unreviewed
CVE-2021-39764 was published Mar 31, 2022
The lack of validation of a key-value field in the Splunk-to-Splunk protocol results in a denial... High Unreviewed
CVE-2021-3422 was published Mar 26, 2022
SolarWinds received a report of a vulnerability related to an input that was not sanitized in... High Unreviewed
CVE-2021-35254 was published Mar 26, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database