GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,481
NuGet
605
pip
3,049
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+
160 advisories
Filter by severity
Under specific 802.11 network conditions, a partial re-association of the Philips IntelliVue MX40...
Moderate
Unreviewed
CVE-2017-9657
was published
May 13, 2022
Certain 802.11 network management messages have been determined to invoke wireless access point...
Moderate
Unreviewed
CVE-2017-9658
was published
May 13, 2022
A vulnerability in the Secure Sockets Layer (SSL) Engine of Cisco Firepower System Software could...
Moderate
Unreviewed
CVE-2018-0272
was published
May 13, 2022
IBM DataPower Gateways 7.1, 7.2, 7.5, 7.5.1, 7.5.2, 7.6, and 7.7 and IBM MQ Appliance are...
Moderate
Unreviewed
CVE-2018-1677
was published
May 13, 2022
Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior to 96.1 or 99.x prior to 99...
Moderate
Unreviewed
CVE-2018-1269
was published
May 13, 2022
A vulnerability in the netconf interface of Cisco IOS XR Software could allow an unauthenticated,...
Moderate
Unreviewed
CVE-2018-0286
was published
May 13, 2022
A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave...
Moderate
Unreviewed
CVE-2019-7474
was published
May 13, 2022
A vulnerability in the detection engine of Cisco Firepower Threat Defense Software could allow an...
Moderate
Unreviewed
CVE-2019-1691
was published
May 13, 2022
OpenStack Neutron's unsupported dport option prevents applying security groups
Moderate
CVE-2019-9735
was published
for
neutron
(pip)
May 13, 2022
Perdition before 2.2 may have weak security when handling outbound connections, caused by an...
Moderate
Unreviewed
CVE-2013-4584
was published
May 5, 2022
A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense (FTD)...
Moderate
Unreviewed
CVE-2022-20748
was published
May 4, 2022
fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle...
Moderate
Unreviewed
CVE-2008-4302
was published
May 2, 2022
An improper handling of exceptional conditions vulnerability exists in the DNS proxy feature of...
Moderate
Unreviewed
CVE-2022-0023
was published
Apr 14, 2022
In ged, there is a possible memory corruption due to an incorrect error handling. This could lead...
Moderate
Unreviewed
CVE-2022-20076
was published
Apr 12, 2022
In atf (hwfde), there is a possible leak of sensitive information due to incorrect error handling...
Moderate
Unreviewed
CVE-2022-20066
was published
Apr 12, 2022
Improper exception handling in Samsung Pass prior to version 3.7.07.5 allows physical attacker to...
Moderate
Unreviewed
CVE-2022-27841
was published
Apr 12, 2022
NVIDIA DCGM contains a vulnerability in nvhostengine, where a network user can cause detection of...
Moderate
Unreviewed
CVE-2022-21820
was published
Mar 25, 2022
In btif, there is a possible memory corruption due to incorrect error handling. This could lead...
Moderate
Unreviewed
CVE-2022-20057
was published
Mar 11, 2022
Improper Handling of Exceptional Conditions inn metadata-extractor
Moderate
CVE-2022-24613
was published
for
com.drewnoakes:metadata-extractor
(Maven)
Feb 25, 2022
Uncaught Exception in zip4j
Moderate
CVE-2022-24615
was published
for
net.lingala.zip4j:zip4j
(Maven)
Feb 25, 2022
A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data...
Moderate
Unreviewed
CVE-2022-0264
was published
Feb 11, 2022
In Bluetooth, there is a possible information disclosure due to incorrect error handling. This...
Moderate
Unreviewed
CVE-2022-20042
was published
Feb 11, 2022
Uncaught exception in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow...
Moderate
Unreviewed
CVE-2022-21218
was published
Feb 11, 2022
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where...
Moderate
Unreviewed
CVE-2022-21814
was published
Feb 8, 2022
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper...
Moderate
Unreviewed
CVE-2022-21813
was published
Feb 8, 2022
ProTip!
Advisories are also available from the
GraphQL API