Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,481
NuGet
605
pip
3,049
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+

160 advisories

Improper Handling of Exceptional Conditions and Origin Validation Error in Eclipse Paho Java client library Moderate
CVE-2019-11777 was published for org.eclipse.paho:org.eclipse.paho.client.mqttv3 (Maven) Sep 17, 2019
Uncontrolled Resource Consumption in transpile Moderate
CVE-2021-23429 was published for transpile (npm) Sep 2, 2021
Exposure of Sensitive Information in keycloak Moderate
CVE-2020-1744 was published for org.keycloak:keycloak-core (Maven) Sep 20, 2021
In getTitle of AccessPoint.java, there is a possible unhandled exception due to a missing null... Moderate Unreviewed
CVE-2021-0969 was published Dec 16, 2021
In apusys, there is a possible memory corruption due to a missing bounds check. This could lead... Moderate Unreviewed
CVE-2021-0679 was published Dec 18, 2021
The HwNearbyMain module has a Improper Handling of Exceptional Conditions vulnerability... Moderate Unreviewed
CVE-2021-37118 was published Jan 4, 2022
Possible denial of service due to improper handling of debug register trap from user applications... Moderate Unreviewed
CVE-2021-30283 was published Jan 4, 2022
Improper handling of exceptional conditions vulnerability in KONICA MINOLTA bizhub series (bizhub... Moderate Unreviewed
CVE-2021-20870 was published Jan 5, 2022
Incorrect download source UI in Downloads in Samsung Internet prior to 16.0.6.23 allows attackers... Moderate Unreviewed
CVE-2022-22290 was published Jan 15, 2022
In sortSimPhoneAccountsForEmergency of CreateConnectionProcessor.java, there is a possible... Moderate Unreviewed
CVE-2021-39659 was published Jan 15, 2022
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper... Moderate Unreviewed
CVE-2022-21813 was published Feb 8, 2022
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where... Moderate Unreviewed
CVE-2022-21814 was published Feb 8, 2022
Uncaught exception in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow... Moderate Unreviewed
CVE-2022-21218 was published Feb 11, 2022
In Bluetooth, there is a possible information disclosure due to incorrect error handling. This... Moderate Unreviewed
CVE-2022-20042 was published Feb 11, 2022
A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data... Moderate Unreviewed
CVE-2022-0264 was published Feb 11, 2022
Uncaught Exception in zip4j Moderate
CVE-2022-24615 was published for net.lingala.zip4j:zip4j (Maven) Feb 25, 2022
srikanth-lingala
Improper Handling of Exceptional Conditions inn metadata-extractor Moderate
CVE-2022-24613 was published for com.drewnoakes:metadata-extractor (Maven) Feb 25, 2022
ZGorlock
In btif, there is a possible memory corruption due to incorrect error handling. This could lead... Moderate Unreviewed
CVE-2022-20057 was published Mar 11, 2022
NVIDIA DCGM contains a vulnerability in nvhostengine, where a network user can cause detection of... Moderate Unreviewed
CVE-2022-21820 was published Mar 25, 2022
Improper exception handling in Samsung Pass prior to version 3.7.07.5 allows physical attacker to... Moderate Unreviewed
CVE-2022-27841 was published Apr 12, 2022
In atf (hwfde), there is a possible leak of sensitive information due to incorrect error handling... Moderate Unreviewed
CVE-2022-20066 was published Apr 12, 2022
In ged, there is a possible memory corruption due to an incorrect error handling. This could lead... Moderate Unreviewed
CVE-2022-20076 was published Apr 12, 2022
An improper handling of exceptional conditions vulnerability exists in the DNS proxy feature of... Moderate Unreviewed
CVE-2022-0023 was published Apr 14, 2022
fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle... Moderate Unreviewed
CVE-2008-4302 was published May 2, 2022
A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense (FTD)... Moderate Unreviewed
CVE-2022-20748 was published May 4, 2022
ProTip! Advisories are also available from the GraphQL API