GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,055
Erlang: 29
GitHub Actions: 19
Go: 1,889
Maven: 5,000+
npm: 3,605
NuGet: 638
pip: 3,208
Pub: 10
RubyGems: 852
Rust: 816
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
10,572 advisories
NVIDIA DCGM contains a vulnerability in nvhostengine, where a network user can cause detection of...
Moderate | Unreviewed | CVE-2022-21820 was published Mar 25, 2022

Improper Input Validation vulnerability in custom report logo upload in Nozomi Networks Guardian,...
High | Unreviewed | CVE-2022-0550 was published Mar 25, 2022

Improper Input Validation vulnerability in project file upload in Nozomi Networks Guardian and...
High | Unreviewed | CVE-2022-0551 was published Mar 25, 2022

Improper Input Validation vulnerability in request line parsing of Apache Traffic Server allows...
High | Unreviewed | CVE-2021-44040 was published Mar 24, 2022

GE UR firmware versions prior to version 8.1x web server task does not properly handle receipt of...
Moderate | Unreviewed | CVE-2021-27420 was published Mar 24, 2022

A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions...
Moderate | Unreviewed | CVE-2021-4219 was published Mar 24, 2022

In the vote (aka "Polls, Votes") module before 21.0.100 of Bitrix Site Manager, a remote...
Critical | Unreviewed | CVE-2022-27228 was published Mar 23, 2022

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15...
Moderate | Unreviewed | CVE-2022-22589 was published Mar 19, 2022

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.4 and...
High | Unreviewed | CVE-2022-22653 was published Mar 19, 2022

A user interface issue was addressed. This issue is fixed in watchOS 8.5, Safari 15.4. Visiting a...
Moderate | Unreviewed | CVE-2022-22654 was published Mar 19, 2022

This issue was addressed with a new entitlement. This issue is fixed in macOS Monterey 12.3. An...
Moderate | Unreviewed | CVE-2022-22660 was published Mar 19, 2022

NaN/INF in serverbound movement packets can crash clients and servers
High | GHSA-fm35-jgg3-3grx was published for pocketmine/pocketmine-mp (Composer) Mar 18, 2022

Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC...
High | Unreviewed | CVE-2020-25721 was published Mar 17, 2022

In setDisplayPadding of WallpaperManagerService.java, there is a possible way to cause a...
Moderate | Unreviewed | CVE-2021-39690 was published Mar 17, 2022

In serviceConnection of ControlsProviderLifecycleManager.kt, there is a possible way to keep...
High | Unreviewed | CVE-2021-39701 was published Mar 17, 2022

CuppaCMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the...
Critical | Unreviewed | CVE-2022-25498 was published Mar 16, 2022

Spoofing attack in swagger-ui
Moderate | CVE-2018-25031 was published for swagger-ui (npm) Mar 12, 2022

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious...
High | Unreviewed | CVE-2022-24415 was published Mar 12, 2022

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious...
High | Unreviewed | CVE-2022-24416 was published Mar 12, 2022

Improper Input Validation in url-js
Moderate | CVE-2022-25839 was published for url-js (npm) Mar 12, 2022

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious...
High | Unreviewed | CVE-2022-24419 was published Mar 12, 2022

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious...
High | Unreviewed | CVE-2022-24420 was published Mar 12, 2022

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious...
High | Unreviewed | CVE-2022-24421 was published Mar 12, 2022

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) has Remote Code...
Critical | Unreviewed | CVE-2021-42786 was published Mar 11, 2022

SAS Logon Manager v9.4 was discovered to contain a vulnerability in the web UI which would allow...
Moderate | Unreviewed | CVE-2021-42186 was published Mar 11, 2022
ProTip! Advisories are also available from the GraphQL API