GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,869
Erlang: 29
GitHub Actions: 16
Go: 1,717
Maven: 4,951
npm: 3,480
NuGet: 605
pip: 3,026
Pub: 10
RubyGems: 832
Rust: 776
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
10,379 advisories
Improper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition...
High | Unreviewed | CVE-2021-44454 was published Feb 11, 2022

When a user opens a manipulated Tagged Image File Format (.tiff, 2d.x3d) received from untrusted...
Moderate | Unreviewed | CVE-2022-22537 was published Feb 11, 2022

When a user opens a manipulated Adobe Illustrator file format (.ai, ai.x3d) received from...
Moderate | Unreviewed | CVE-2022-22538 was published Feb 11, 2022

When a user opens a manipulated JPEG file format (.jpg, 2d.x3d) received from untrusted sources...
Moderate | Unreviewed | CVE-2022-22539 was published Feb 11, 2022

Permissive parameters and privilege escalation
Moderate | CVE-2018-20301 was published for coherence (Erlang) | Feb 10, 2022

Improper Handling of Exceptional Conditions and Improper Input Validation in Reactor Netty
High | CVE-2020-5403 was published for io.projectreactor.netty:reactor-netty-http (Maven) | Feb 10, 2022

Improper Input Validation in Apache Solr
Moderate | CVE-2020-13941 was published for org.apache.solr:solr-parent (Maven) | Feb 10, 2022

Injection and Improper Input Validation in Apache Unomi
Critical | CVE-2020-13942 was published for org.apache.unomi:unomi (Maven) | Feb 10, 2022

A file write vulnerability exists in the OTA update task functionality of Sealevel Systems, Inc....
High | Unreviewed | CVE-2021-21968 was published Feb 10, 2022

Improper Input Validation vulnerability in the ABB SPIET800 and PNI800 module allows an attacker...
High | Unreviewed | CVE-2021-22286 was published Feb 10, 2022

Improper Input Validation vulnerability in the ABB SPIET800 and PNI800 module allows an attacker...
High | Unreviewed | CVE-2021-22288 was published Feb 10, 2022

Lack of validation of URLs causes Mirantis Container Cloud Lens Extension before v3.1.1 to open...
High | Unreviewed | CVE-2022-0484 was published Feb 10, 2022

Improper Input Validation in Apache Unomi
High | CVE-2020-11975 was published for org.apache.unomi:unomi (Maven) | Feb 9, 2022

Data Amplification in Play Framework
Low | CVE-2020-28923 was published for com.typesafe.play:play (Maven) | Feb 9, 2022

Improper Input Validation in Keycloak
High | CVE-2020-1714 was published for org.keycloak:keycloak-common (Maven) | Feb 9, 2022

Server-side request forgery (SSRF) in Apache Batik
High | CVE-2019-17566 was published for org.apache.xmlgraphics:batik (Maven) | Feb 9, 2022

Server-side request forgery (SSRF) in Apache XmlGraphics Commons
High | CVE-2020-11988 was published for org.apache.xmlgraphics:xmlgraphics-commons (Maven) | Feb 9, 2022

A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality...
High | Unreviewed | CVE-2021-44373 was published Feb 9, 2022

A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality...
High | Unreviewed | CVE-2021-44369 was published Feb 9, 2022

A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality...
High | Unreviewed | CVE-2021-44371 was published Feb 9, 2022

A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality...
High | Unreviewed | CVE-2021-44377 was published Feb 9, 2022

A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality...
High | Unreviewed | CVE-2021-44368 was published Feb 9, 2022

A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality...
High | Unreviewed | CVE-2021-44380 was published Feb 9, 2022

A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality...
High | Unreviewed | CVE-2021-44372 was published Feb 9, 2022
ProTip! Advisories are also available from the GraphQL API.