GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,080
Erlang
29
GitHub Actions
19
Go
1,908
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
10,610 advisories
Filter by severity
The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package, however the patch...
High
Unreviewed
CVE-2021-4047
was published
Apr 12, 2022
In ssmr, there is a possible out of bounds write due to a missing bounds check. This could lead...
Moderate
Unreviewed
CVE-2022-20070
was published
Apr 12, 2022
In vow, there is a possible read of uninitialized data due to a improper input validation. This...
Moderate
Unreviewed
CVE-2022-20079
was published
Apr 12, 2022
Improper validation vulnerability in VerifyCredentialResponse prior to SMR Apr-2022 Release 1...
High
Unreviewed
CVE-2022-27829
was published
Apr 12, 2022
Improper validation vulnerability in MediaMonitorDimension prior to SMR Apr-2022 Release 1 allows...
High
Unreviewed
CVE-2022-27827
was published
Apr 12, 2022
Improper validation vulnerability in MediaMonitorEvent prior to SMR Apr-2022 Release 1 allows...
High
Unreviewed
CVE-2022-27828
was published
Apr 12, 2022
Improper validation vulnerability in SemSuspendDialogInfo prior to SMR Apr-2022 Release 1 allows...
High
Unreviewed
CVE-2022-27826
was published
Apr 12, 2022
Improper boundary check in UWB firmware prior to SMR Apr-2022 Release 1 allows arbitrary memory...
High
Unreviewed
CVE-2022-27835
was published
Apr 12, 2022
Improper validation vulnerability in SemBlurInfo prior to SMR Apr-2022 Release 1 allows attackers...
High
Unreviewed
CVE-2022-27830
was published
Apr 12, 2022
ASUS RT-AC86U has improper user request handling, which allows an unauthenticated LAN attacker to...
Moderate
Unreviewed
CVE-2022-25595
was published
Apr 8, 2022
An improper input validation vulnerability in the sniffer interface of FortiSandbox before 3.2.2...
Moderate
Unreviewed
CVE-2020-29013
was published
Apr 7, 2022
A vulnerability in the Web-Based Reputation Score (WBRS) engine of Cisco AsyncOS Software for...
Moderate
Unreviewed
CVE-2022-20784
was published
Apr 7, 2022
Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 98.0.4758...
Moderate
Unreviewed
CVE-2022-0455
was published
Apr 6, 2022
Incorrect protocol extraction via \r, \n and \t characters
High
CVE-2022-1243
was published
for
urijs
(npm)
Apr 6, 2022
Improper Input Validation vulnerability in ABB 800xA, Control Software for AC 800M, Control...
High
Unreviewed
CVE-2021-22277
was published
Apr 3, 2022
An local privilege escalation vulnerability due to a "runasroot" command in eScan Anti-Virus....
High
Unreviewed
CVE-2021-26624
was published
Apr 3, 2022
Data can be copied without validation in the built-in web server in Moxa NPort IAW5000A-I/O...
High
Unreviewed
CVE-2021-32970
was published
Apr 3, 2022
Improper input validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware...
Critical
Unreviewed
CVE-2021-32974
was published
Apr 3, 2022
Improper input validation in all versions of GitLab CE/EE using sendmail to send emails allowed...
High
Unreviewed
CVE-2022-0741
was published
Apr 3, 2022
Improper input validation vulnerability in pfSense CE and pfSense Plus (pfSense CE software...
High
Unreviewed
CVE-2022-24299
was published
Apr 1, 2022
IBM Security Verify Access could allow a user, using man in the middle techniques, to obtain...
Moderate
Unreviewed
CVE-2022-22311
was published
Apr 1, 2022
In Messaging, there is a possible way to bypass attachment restrictions due to improper input...
Moderate
Unreviewed
CVE-2021-39740
was published
Mar 31, 2022
In Settings, there is a possible way to display an incorrect app name due to improper input...
High
Unreviewed
CVE-2021-39764
was published
Mar 31, 2022
In Settings, there is a possible way to make the user enable WiFi due to improper input...
High
Unreviewed
CVE-2021-39763
was published
Mar 31, 2022
ProTip!
Advisories are also available from the
GraphQL API