Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

10,572 advisories

Loading
NVIDIA DCGM contains a vulnerability in nvhostengine, where a network user can cause detection of... Moderate Unreviewed
CVE-2022-21820 was published Mar 25, 2022
Improper Input Validation vulnerability in custom report logo upload in Nozomi Networks Guardian,... High Unreviewed
CVE-2022-0550 was published Mar 25, 2022
Improper Input Validation vulnerability in project file upload in Nozomi Networks Guardian and... High Unreviewed
CVE-2022-0551 was published Mar 25, 2022
Improper Input Validation vulnerability in request line parsing of Apache Traffic Server allows... High Unreviewed
CVE-2021-44040 was published Mar 24, 2022
GE UR firmware versions prior to version 8.1x web server task does not properly handle receipt of... Moderate Unreviewed
CVE-2021-27420 was published Mar 24, 2022
A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions... Moderate Unreviewed
CVE-2021-4219 was published Mar 24, 2022
In the vote (aka "Polls, Votes") module before 21.0.100 of Bitrix Site Manager, a remote... Critical Unreviewed
CVE-2022-27228 was published Mar 23, 2022
A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15... Moderate Unreviewed
CVE-2022-22589 was published Mar 19, 2022
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.4 and... High Unreviewed
CVE-2022-22653 was published Mar 19, 2022
A user interface issue was addressed. This issue is fixed in watchOS 8.5, Safari 15.4. Visiting a... Moderate Unreviewed
CVE-2022-22654 was published Mar 19, 2022
This issue was addressed with a new entitlement. This issue is fixed in macOS Monterey 12.3. An... Moderate Unreviewed
CVE-2022-22660 was published Mar 19, 2022
NaN/INF in serverbound movement packets can crash clients and servers High
GHSA-fm35-jgg3-3grx was published for pocketmine/pocketmine-mp (Composer) Mar 18, 2022
Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC... High Unreviewed
CVE-2020-25721 was published Mar 17, 2022
In setDisplayPadding of WallpaperManagerService.java, there is a possible way to cause a... Moderate Unreviewed
CVE-2021-39690 was published Mar 17, 2022
In serviceConnection of ControlsProviderLifecycleManager.kt, there is a possible way to keep... High Unreviewed
CVE-2021-39701 was published Mar 17, 2022
CuppaCMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the... Critical Unreviewed
CVE-2022-25498 was published Mar 16, 2022
Spoofing attack in swagger-ui Moderate
CVE-2018-25031 was published for swagger-ui (npm) Mar 12, 2022
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious... High Unreviewed
CVE-2022-24415 was published Mar 12, 2022
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious... High Unreviewed
CVE-2022-24416 was published Mar 12, 2022
Improper Input Validation in url-js Moderate
CVE-2022-25839 was published for url-js (npm) Mar 12, 2022
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious... High Unreviewed
CVE-2022-24419 was published Mar 12, 2022
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious... High Unreviewed
CVE-2022-24420 was published Mar 12, 2022
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious... High Unreviewed
CVE-2022-24421 was published Mar 12, 2022
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) has Remote Code... Critical Unreviewed
CVE-2021-42786 was published Mar 11, 2022
SAS Logon Manager v9.4 was discovered to contain a vulnerability in the web UI which would allow... Moderate Unreviewed
CVE-2021-42186 was published Mar 11, 2022
ProTip! Advisories are also available from the GraphQL API