Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,080
Erlang
29
GitHub Actions
19
Go
1,908
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

10,610 advisories

Loading
Header Injection Moderate
CVE-2018-1000883 was published for plug (Erlang) Apr 12, 2022
The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package, however the patch... High Unreviewed
CVE-2021-4047 was published Apr 12, 2022
In ssmr, there is a possible out of bounds write due to a missing bounds check. This could lead... Moderate Unreviewed
CVE-2022-20070 was published Apr 12, 2022
In vow, there is a possible read of uninitialized data due to a improper input validation. This... Moderate Unreviewed
CVE-2022-20079 was published Apr 12, 2022
Improper validation vulnerability in VerifyCredentialResponse prior to SMR Apr-2022 Release 1... High Unreviewed
CVE-2022-27829 was published Apr 12, 2022
Improper validation vulnerability in MediaMonitorDimension prior to SMR Apr-2022 Release 1 allows... High Unreviewed
CVE-2022-27827 was published Apr 12, 2022
Improper validation vulnerability in MediaMonitorEvent prior to SMR Apr-2022 Release 1 allows... High Unreviewed
CVE-2022-27828 was published Apr 12, 2022
Improper validation vulnerability in SemSuspendDialogInfo prior to SMR Apr-2022 Release 1 allows... High Unreviewed
CVE-2022-27826 was published Apr 12, 2022
Improper boundary check in UWB firmware prior to SMR Apr-2022 Release 1 allows arbitrary memory... High Unreviewed
CVE-2022-27835 was published Apr 12, 2022
Improper validation vulnerability in SemBlurInfo prior to SMR Apr-2022 Release 1 allows attackers... High Unreviewed
CVE-2022-27830 was published Apr 12, 2022
ASUS RT-AC86U has improper user request handling, which allows an unauthenticated LAN attacker to... Moderate Unreviewed
CVE-2022-25595 was published Apr 8, 2022
An improper input validation vulnerability in the sniffer interface of FortiSandbox before 3.2.2... Moderate Unreviewed
CVE-2020-29013 was published Apr 7, 2022
A vulnerability in the Web-Based Reputation Score (WBRS) engine of Cisco AsyncOS Software for... Moderate Unreviewed
CVE-2022-20784 was published Apr 7, 2022
Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 98.0.4758... Moderate Unreviewed
CVE-2022-0455 was published Apr 6, 2022
Incorrect protocol extraction via \r, \n and \t characters High
CVE-2022-1243 was published for urijs (npm) Apr 6, 2022
Haxatron chrisbloom7
Improper Input Validation vulnerability in ABB 800xA, Control Software for AC 800M, Control... High Unreviewed
CVE-2021-22277 was published Apr 3, 2022
An local privilege escalation vulnerability due to a "runasroot" command in eScan Anti-Virus.... High Unreviewed
CVE-2021-26624 was published Apr 3, 2022
Data can be copied without validation in the built-in web server in Moxa NPort IAW5000A-I/O... High Unreviewed
CVE-2021-32970 was published Apr 3, 2022
Improper input validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware... Critical Unreviewed
CVE-2021-32974 was published Apr 3, 2022
Improper input validation in all versions of GitLab CE/EE using sendmail to send emails allowed... High Unreviewed
CVE-2022-0741 was published Apr 3, 2022
Improper input validation vulnerability in pfSense CE and pfSense Plus (pfSense CE software... High Unreviewed
CVE-2022-24299 was published Apr 1, 2022
IBM Security Verify Access could allow a user, using man in the middle techniques, to obtain... Moderate Unreviewed
CVE-2022-22311 was published Apr 1, 2022
In Messaging, there is a possible way to bypass attachment restrictions due to improper input... Moderate Unreviewed
CVE-2021-39740 was published Mar 31, 2022
In Settings, there is a possible way to display an incorrect app name due to improper input... High Unreviewed
CVE-2021-39764 was published Mar 31, 2022
In Settings, there is a possible way to make the user enable WiFi due to improper input... High Unreviewed
CVE-2021-39763 was published Mar 31, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database