GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
5,014 advisories
A malicious application may be able to break out of its sandbox. This issue is fixed in macOS Big...
High | Unreviewed | CVE-2021-30688 was published May 24, 2022

Missing parameter type validation in the DRM module. Successful exploitation of this...
High | Unreviewed | CVE-2022-44556 was published Nov 8, 2022

An improper sanitization of input vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows...
High | Unreviewed | CVE-2021-33886 was published May 24, 2022

The AMS module has a vulnerability in input validation. Successful exploitation of this...
High | Unreviewed | CVE-2022-31762 was published Jun 14, 2022

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote...
High | Unreviewed | CVE-2021-1505 was published May 24, 2022

Cisco IOS 15.5(3)S3, 15.6(1)S2, 15.6(2)S1, and 15.6(2)T1 does not properly dequeue invalid NTP...
High | Unreviewed | CVE-2016-1478 was published May 17, 2022

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote...
High | Unreviewed | CVE-2021-1480 was published May 24, 2022

Possible out of bound access due to improper validation of function table entries in Snapdragon...
High | Unreviewed | CVE-2021-30259 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive...
High | Unreviewed | CVE-2021-40112 was published May 24, 2022

** DISPUTED ** The set_language_path function in geshi.php in Generic Syntax Highlighter (GeSHi)...
High | Unreviewed | CVE-2008-5186 was published May 17, 2022

Multiple unspecified vulnerabilities in the web management interface in Avaya Communication...
High | Unreviewed | CVE-2008-5709 was published May 17, 2022

A memory corruption vulnerability exists when ezPDF improperly handles the parameter. This...
High | Unreviewed | CVE-2020-7870 was published May 24, 2022

Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, and AntiVir Personal - FREE...
High | Unreviewed | CVE-2008-6962 was published May 17, 2022

A vulnerability in the web interface of the Cisco Web Security Appliance (WSA) could allow an...
High | Unreviewed | CVE-2017-6746 was published May 17, 2022

DotNetNuke 2.0 through 4.8.4 allows remote attackers to load .ascx files instead of skin files,...
High | Unreviewed | CVE-2008-7102 was published May 17, 2022

Windows Hyper-V in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold,...
High | Unreviewed | CVE-2017-8664 was published May 17, 2022

Cisco IP Phone 8800 devices with software 11.0(1) allow remote attackers to cause a denial of...
High | Unreviewed | CVE-2016-1479 was published May 17, 2022

The Grapevine update process in Cisco Application Policy Infrastructure Controller Enterprise...
High | Unreviewed | CVE-2016-1365 was published May 17, 2022

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through...
High | Unreviewed | CVE-2016-1409 was published May 17, 2022

Insufficient input validation in PSP firmware for discrete TPM commands could allow a potential...
High | Unreviewed | CVE-2020-12946 was published May 24, 2022

A vulnerability in the web-based management interface of certain Cisco Small Business RV Series...
High | Unreviewed | CVE-2021-40120 was published May 24, 2022

Due to improper input sanitization, an authenticated user with certain specific privileges can...
High | Unreviewed | CVE-2021-38176 was published May 24, 2022

A CWE-20: Improper Input Validation vulnerability exists that could cause potential remote code...
High | Unreviewed | CVE-2022-30232 was published Jun 3, 2022

The web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1...
High | Unreviewed | CVE-2016-1472 was published May 17, 2022

A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense ...
High | Unreviewed | CVE-2021-1402 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.