GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,481
NuGet
605
pip
3,049
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+
186 advisories
Filter by severity
simpleSAMLphp incorrectly handles XML encryption
High
CVE-2011-4625
was published
for
simplesamlphp/simplesamlphp
(Composer)
Apr 22, 2022
A vulnerability in the AppNav-XE feature of Cisco IOS XE Software could allow an unauthenticated,...
High
Unreviewed
CVE-2022-20678
was published
Apr 16, 2022
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco...
High
Unreviewed
CVE-2022-20726
was published
Apr 16, 2022
A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG...
High
Unreviewed
CVE-2022-25795
was published
Apr 14, 2022
A specially crafted packet sent to the Fernhill SCADA Server Version 3.77 and earlier may cause...
High
Unreviewed
CVE-2022-21155
was published
Apr 13, 2022
Dell PowerScale OneFS versions 8.2.x - 9.3.0.x contains a denial-of-service vulnerability in...
High
Unreviewed
CVE-2022-23161
was published
Apr 13, 2022
A flaw was found in darkhttpd. Invalid error handling allows remote attackers to cause denial-of...
High
Unreviewed
CVE-2020-25691
was published
Apr 3, 2022
Improper Input Validation and Excessive Iteration in Go Facebook Thrift
High
CVE-2019-3564
was published
for
github.com/facebook/fbthrift
(Go)
Feb 15, 2022
A memory corruption vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader,...
High
Unreviewed
CVE-2022-22150
was published
Feb 11, 2022
An improper handling of exceptional conditions vulnerability exists within the Connect Before...
High
Unreviewed
CVE-2022-0016
was published
Feb 11, 2022
Improper Handling of Exceptional Conditions and Improper Input Validation in Reactor Netty
High
CVE-2020-5403
was published
for
io.projectreactor.netty:reactor-netty-http
(Maven)
Feb 10, 2022
Improper Handling of Exceptional Conditions, Improper Check for Unusual or Exceptional Conditions...
High
Unreviewed
CVE-2021-22285
was published
Feb 10, 2022
On BIG-IP AFM version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and...
High
Unreviewed
CVE-2022-23018
was published
Jan 26, 2022
A release of illegal memory vulnerability in the snmpd daemon of Juniper Networks Junos OS, Junos...
High
Unreviewed
CVE-2022-22177
was published
Jan 20, 2022
An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022...
High
Unreviewed
CVE-2022-22265
was published
Jan 11, 2022
Improper access control in TrustZone due to improper error handling while handling the signing...
High
Unreviewed
CVE-2021-1894
was published
Jan 4, 2022
Possible buffer overflow due to lack of range check while processing a DIAG command for COEX...
High
Unreviewed
CVE-2021-30289
was published
Jan 4, 2022
An improper check or handling of exceptional conditions in Exynos baseband prior to SMR Dec-2021...
High
Unreviewed
CVE-2021-25516
was published
Dec 9, 2021
There is an Exception log vulnerability in Huawei Smartphone.Successful exploitation of this...
High
Unreviewed
CVE-2021-37052
was published
Dec 9, 2021
An unauthenticated attacker is able to send a special HTTP request, that causes a service to...
High
Unreviewed
CVE-2021-23859
was published
Dec 9, 2021
In apusys, there is a possible memory corruption due to incorrect error handling. This could lead...
High
Unreviewed
CVE-2021-0668
was published
Nov 19, 2021
Parse Server crashes with query parameter
High
CVE-2021-39187
was published
for
parse-server
(npm)
Sep 2, 2021
Improper Handling of Exceptional Conditions in detect-character-encoding
High
CVE-2021-39157
was published
for
detect-character-encoding
(npm)
Aug 25, 2021
ProTip!
Advisories are also available from the
GraphQL API