Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,869
Erlang
29
GitHub Actions
16
Go
1,717
Maven
4,951
npm
3,480
NuGet
605
pip
3,026
Pub
10
RubyGems
832
Rust
776
Swift
34
Unreviewed advisories
All unreviewed
5,000+

10,379 advisories

Improper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition... High Unreviewed
CVE-2021-44454 was published Feb 11, 2022
When a user opens a manipulated Tagged Image File Format (.tiff, 2d.x3d)) received from untrusted... Moderate Unreviewed
CVE-2022-22537 was published Feb 11, 2022
When a user opens a manipulated Adobe Illustrator file format (.ai, ai.x3d) received from... Moderate Unreviewed
CVE-2022-22538 was published Feb 11, 2022
When a user opens a manipulated JPEG file format (.jpg, 2d.x3d) received from untrusted sources... Moderate Unreviewed
CVE-2022-22539 was published Feb 11, 2022
Permissive parameters and privilege escalation Moderate
CVE-2018-20301 was published for coherence (Erlang) Feb 10, 2022
Improper Handling of Exceptional Conditions and Improper Input Validation in Reactor Netty High
CVE-2020-5403 was published for io.projectreactor.netty:reactor-netty-http (Maven) Feb 10, 2022
Prototype pollution in pathval High
CVE-2020-7751 was published for pathval (npm) Feb 10, 2022
Improper Input Validation in Apache Solr Moderate
CVE-2020-13941 was published for org.apache.solr:solr-parent (Maven) Feb 10, 2022
Injection and Improper Input Validation in Apache Unomi Critical
CVE-2020-13942 was published for org.apache.unomi:unomi (Maven) Feb 10, 2022
A file write vulnerability exists in the OTA update task functionality of Sealevel Systems, Inc.... High Unreviewed
CVE-2021-21968 was published Feb 10, 2022
Improper Input Validation vulnerability in the ABB SPIET800 and PNI800 module allows an attacker... High Unreviewed
CVE-2021-22286 was published Feb 10, 2022
Improper Input Validation vulnerability in the ABB SPIET800 and PNI800 module allows an attacker... High Unreviewed
CVE-2021-22288 was published Feb 10, 2022
Lack of validation of URLs causes Mirantis Container Cloud Lens Extension before v3.1.1 to open... High Unreviewed
CVE-2022-0484 was published Feb 10, 2022
Improper Input Validation in Apache Unomi High
CVE-2020-11975 was published for org.apache.unomi:unomi (Maven) Feb 9, 2022
Data Amplification in Play Framework Low
CVE-2020-28923 was published for com.typesafe.play:play (Maven) Feb 9, 2022
Improper Input Validation in Keycloak High
CVE-2020-1714 was published for org.keycloak:keycloak-common (Maven) Feb 9, 2022
Server-side request forgery (SSRF) in Apache Batik High
CVE-2019-17566 was published for org.apache.xmlgraphics:batik (Maven) Feb 9, 2022
Server-side request forgery (SSRF) in Apache XmlGraphics Commons High
CVE-2020-11988 was published for org.apache.xmlgraphics:xmlgraphics-commons (Maven) Feb 9, 2022
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality... High Unreviewed
CVE-2021-44373 was published Feb 9, 2022
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality... High Unreviewed
CVE-2021-44369 was published Feb 9, 2022
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality... High Unreviewed
CVE-2021-44371 was published Feb 9, 2022
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality... High Unreviewed
CVE-2021-44377 was published Feb 9, 2022
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality... High Unreviewed
CVE-2021-44368 was published Feb 9, 2022
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality... High Unreviewed
CVE-2021-44380 was published Feb 9, 2022
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality... High Unreviewed
CVE-2021-44372 was published Feb 9, 2022
ProTip! Advisories are also available from the GraphQL API