Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

53 advisories

Loading
A vulnerability found in postgresql. On this security issue an attack requires permission to... High Unreviewed
CVE-2022-2625 was published Aug 19, 2022
The Multipass service was found to have code paths that could be abused to cause a denial of... Critical Unreviewed
CVE-2022-27889 was published Jun 15, 2022
There is an Improper Control of Dynamically Managing Code Resources Vulnerability in Huawei... Critical Unreviewed
CVE-2021-22387 was published May 24, 2022
An issue was discovered in Thunar before 4.16.7 and 4.17.x before 4.17.2. When called with a... Critical Unreviewed
CVE-2021-32563 was published May 24, 2022
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an... Critical Unreviewed
CVE-2020-3419 was published May 24, 2022
A vulnerability in the command-line interface in Brocade Fabric OS before Brocade Fabric OS v8.2... Moderate Unreviewed
CVE-2020-15372 was published May 24, 2022
An information disclosure vulnerability exists when the Windows GDI component improperly... Moderate Unreviewed
CVE-2020-1097 was published May 24, 2022
An information disclosure vulnerability exists when the Windows GDI component improperly... Moderate Unreviewed
CVE-2020-1091 was published May 24, 2022
There was a man-in-the-middle (MITM) vulnerability present in the Confluence Previews plugin in... Moderate Unreviewed
CVE-2019-15006 was published May 24, 2022
GitHub Enterprise before 20120304 does not properly restrict the use of a hash to provide values... Moderate Unreviewed
CVE-2012-2055 was published May 17, 2022
Crafter CMS Crafter Studio vulnerable to Improper Control of Dynamically-Managed Code Resources High
CVE-2021-23267 was published for org.craftercms:crafter-studio (Maven) May 17, 2022
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows... Critical Unreviewed
CVE-2014-9852 was published May 14, 2022
A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS... Moderate Unreviewed
CVE-2019-1595 was published May 13, 2022
A vulnerability in the Fibre Channel over Ethernet (FCoE) N-port Virtualization (NPV) protocol... High Unreviewed
CVE-2019-1617 was published May 13, 2022
In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they... High Unreviewed
CVE-2022-25265 was published Feb 17, 2022
Improper Control of Dynamically-Managed Code Resources in Crafter CMS Crafter Studio High
CVE-2020-25802 was published for org.craftercms:crafter-studio (Maven) Feb 9, 2022
Improper Control of Dynamically-Managed Code Resources in Crafter CMS Crafter Studio High
CVE-2020-25803 was published for org.craftercms:crafter-studio (Maven) Feb 9, 2022
Improper Access Control of Dynamically-Managed Code Resources (DLL) in Thales Sentinel Protection... High Unreviewed
CVE-2021-42809 was published Dec 21, 2021
Serialization gadgets exploit in jackson-databind High
CVE-2020-35491 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Dec 9, 2021
mpihelgas
Authenticated users with Administrator or Developer roles may execute OS commands by Groovy... High Unreviewed
CVE-2021-23259 was published Dec 3, 2021
Authenticated users with Administrator or Developer roles may execute OS commands by SPEL... High Unreviewed
CVE-2021-23258 was published Dec 3, 2021
Authenticated administrators may modify the main YAML configuration file and load a Java class... High Unreviewed
CVE-2021-23262 was published Dec 3, 2021
Prototype Pollution in config-handler Critical
CVE-2021-23448 was published for config-handler (npm) Oct 12, 2021
Header dropping in traefik Moderate
CVE-2021-32813 was published for github.com/traefik/traefik (Go) Aug 5, 2021
Prototype pollution in nestie Critical
CVE-2021-25947 was published for nestie (npm) Jun 7, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database