Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

387 advisories

Loading
Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to... Low Unreviewed
CVE-2023-5274 was published Nov 30, 2023
Improper input validation for some Intel Unison software may allow an authenticated user to... Low Unreviewed
CVE-2022-45469 was published Nov 14, 2023
Improper access control in Elenos ETG150 FM transmitter v3.12 allows attackers to make arbitrary... Low Unreviewed
CVE-2023-37833 was published Nov 1, 2023
Silverstripe Framework: Members with no password can be created and bypass custom login forms Low
CVE-2023-32302 was published for silverstripe/framework (Composer) Jul 31, 2023
sabina-talipova bimthebam
maxime-rainville
Adobe Bridge version 11.0.2 (and earlier) is affected by an uninitialized variable vulnerability... Low Unreviewed
CVE-2021-35991 was published May 24, 2022
Improper Sanitizing of plugin names in helm Low
CVE-2020-15186 was published for helm.sh/helm (Go) May 24, 2021
Panic due to malformed WALs in go.etcd.io/etcd Low
CVE-2020-15106 was published for go.etcd.io/etcd (Go) Feb 7, 2023
Repository index file allows for duplicates of the same chart entry in helm Low
CVE-2020-15185 was published for helm.sh/helm (Go) May 24, 2021
Aliases are never checked in helm Low
CVE-2020-15184 was published for helm.sh/helm (Go) May 24, 2021
Phusion Passenger allows remote attackers to spoof headers Low
CVE-2015-7519 was published for passenger (RubyGems) Oct 10, 2018
Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users... Low Unreviewed
CVE-2019-2389 was published May 24, 2022
Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65... Low Unreviewed
CVE-2019-0094 was published May 24, 2022
Lack of adequate input/output validation for ABB eSOMS versions 4.0 to 6.0.2 might allow an... Low Unreviewed
CVE-2019-19095 was published May 24, 2022
In Core Utilities, there is a possible way to craft a malformed Uri object due to improper input... Low Unreviewed
CVE-2022-20338 was published Aug 13, 2022
In onCreatePreferences of EditInfoFragment.java, there is a possible way to read contacts... Low Unreviewed
CVE-2023-20932 was published Feb 28, 2023
Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows... Low Unreviewed
CVE-2023-21428 was published Feb 9, 2023
Improper input validation in Bixby Vision prior to version 3.7.70.17 allows attacker to access... Low Unreviewed
CVE-2023-21431 was published Feb 9, 2023
The dispatch_discard_io function in drivers/block/xen-blkback/blkback.c in the Xen blkback... Low Unreviewed
CVE-2013-2140 was published May 17, 2022
The net_ctl_permissions function in net/sysctl_net.c in the Linux kernel before 3.11.5 does not... Low Unreviewed
CVE-2013-4270 was published May 17, 2022
The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2... Low Unreviewed
CVE-2014-9584 was published May 13, 2022
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique... Low Unreviewed
CVE-2014-8178 was published May 17, 2022
The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier... Low Unreviewed
CVE-2011-2724 was published May 14, 2022
fs/jfs/xattr.c in the Linux kernel before 2.6.35.2 does not properly handle a certain legacy... Low Unreviewed
CVE-2010-2946 was published May 14, 2022
The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously... Low Unreviewed
CVE-2010-4171 was published May 17, 2022
The pipe_fcntl function in fs/pipe.c in the Linux kernel before 2.6.37 does not properly... Low Unreviewed
CVE-2010-4256 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database