Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

387 advisories

Loading
The /etc/profile.d/60alias.sh script in the Mandriva bash package for Bash 2.05b, 3.0, 3.2, 3.2... Low Unreviewed
CVE-2010-0002 was published May 2, 2022
TYPSoft FTP Server 1.10 allows remote authenticated users to cause a denial of service (crash) by... Low Unreviewed
CVE-2009-4105 was published May 2, 2022
The MMIO instruction decoder in the Xen hypervisor in the Linux kernel 2.6.18 in Red Hat... Low Unreviewed
CVE-2010-0730 was published May 2, 2022
The Web Container in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.43, 6.1 before 6.1.0... Low Unreviewed
CVE-2010-0777 was published May 2, 2022
digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and... Low Unreviewed
CVE-2006-1721 was published May 3, 2022
The accept function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and... Low Unreviewed
CVE-2006-6653 was published May 3, 2022
The display driver allocattr functions in NetBSD 3.0 through 4.0_BETA2, and NetBSD-current before... Low Unreviewed
CVE-2007-3654 was published May 3, 2022
The avast! Mobile Security application before 2.0.4400 for Android allows attackers to cause a... Low Unreviewed
CVE-2013-0122 was published May 5, 2022
Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for... Low Unreviewed
CVE-2017-5081 was published May 13, 2022
The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in... Low Unreviewed
CVE-2012-2425 was published May 13, 2022
The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle... Low Unreviewed
CVE-2013-4255 was published May 13, 2022
Environment Variable Injection in GitHub Actions Low
CVE-2020-15228 was published for @actions/core (npm) Oct 1, 2020
Prefix escape Low
CVE-2021-21322 was published for fastify-http-proxy (npm) Mar 3, 2021
Data Amplification in Play Framework Low
CVE-2020-28923 was published for com.typesafe.play:play (Maven) Feb 9, 2022
Crash due to malformed relay protocol message Low
CVE-2021-21404 was published for github.com/syncthing/syncthing (Go) May 21, 2021
Improper Input Validation in Firefly III Low
CVE-2019-14671 was published for grumpydictator/firefly-iii (Composer) Sep 8, 2021
dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later,... Low Unreviewed
CVE-2014-3532 was published May 13, 2022
APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import... Low Unreviewed
CVE-2012-3587 was published May 13, 2022
APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import... Low Unreviewed
CVE-2012-0954 was published May 13, 2022
Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when... Low Unreviewed
CVE-2015-3455 was published May 13, 2022
do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.11 before 1.11.4... Low Unreviewed
CVE-2013-1417 was published May 13, 2022
IBM Campaign 9.1.0, 9.1.2, 10.0, and 10.1 could allow an authenticated user with access to the... Low Unreviewed
CVE-2016-9749 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue... Low Unreviewed
CVE-2017-2351 was published May 13, 2022
A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13... Low Unreviewed
CVE-2020-9792 was published May 24, 2022
In Messaging, there is a possible way to attach a private file to an SMS message due to improper... Low Unreviewed
CVE-2022-20241 was published Aug 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database