Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

400 advisories

Loading
Improper conditions check in the Intel(R) SGX SDK software may allow a privileged user to... Moderate Unreviewed
CVE-2022-26509 was published Feb 16, 2023
Uncaught exception in webserver for the Integrated BMC in some Intel(R) platforms before versions... Moderate Unreviewed
CVE-2022-29493 was published Feb 16, 2023
Uncaught exception in the Intel(R) Iris(R) Xe MAX drivers for Windows before version 100.0.5.1436... Moderate Unreviewed
CVE-2022-34849 was published Feb 16, 2023
Uncaught exception in the FCS Server software maintained by Intel before version 1.1.79.3 may... Moderate Unreviewed
CVE-2022-36287 was published Feb 16, 2023
A vulnerability in class-of-service (CoS) queue management in Juniper Networks Junos OS on the... High Unreviewed
CVE-2023-22391 was published Jan 13, 2023
An improper handling of exceptional conditions vulnerability in Trend Micro Apex One and Apex One... High Unreviewed
CVE-2022-44652 was published Dec 12, 2022
Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in... Low Unreviewed
CVE-2022-39912 was published Dec 8, 2022
go-merkledag's ProtoNode may be modified such that common method calls may panic High
CVE-2022-23495 was published for github.com/ipfs/go-merkledag (Go) Dec 8, 2022
mrd0ll4r
Yauaa vulnerable to ArrayIndexOutOfBoundsException triggered by a crafted Sec-Ch-Ua-Full-Version-List High
CVE-2022-23496 was published for nl.basjes.parse.useragent:yauaa (Maven) Dec 8, 2022
Redmine 5.x before 5.0.4 allows downloading of file attachments of any Issue or any Wiki page due... High Unreviewed
CVE-2022-44030 was published Dec 7, 2022
nadesiko3 allows remote attacker to inject invalid value to decodeURIComponent of nako3edit Moderate
CVE-2022-41777 was published for nadesiko3 (npm) Dec 5, 2022
A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC)... High Unreviewed
CVE-2022-20854 was published Nov 16, 2022
Improper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to SMR Nov-2022... Low Unreviewed
CVE-2022-39886 was published Nov 10, 2022
Improper access control vulnerability in BootCompletedReceiver_CMCC in DeviceManagement prior to... Low Unreviewed
CVE-2022-39885 was published Nov 10, 2022
A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel... High Unreviewed
CVE-2022-35268 was published Oct 25, 2022
An unhandled exception in job log parsing in GitLab CE/EE affecting all versions prior to 15.2.5,... Moderate Unreviewed
CVE-2022-3279 was published Oct 17, 2022
lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call... Moderate Unreviewed
CVE-2022-33748 was published Oct 11, 2022
A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could... High Unreviewed
CVE-2022-20920 was published Oct 11, 2022
Traefik HTTP/2 connections management could cause a denial of service High
CVE-2022-39271 was published for github.com/traefik/traefik/v2 (Go) Oct 10, 2022
In wlan, there is a possible use after free due to an incorrect status check. This could lead to... Moderate Unreviewed
CVE-2022-32590 was published Oct 8, 2022
Improper restriction of broadcasting Intent in ShareLive prior to version 13.2.03.5 leaks MAC... Low Unreviewed
CVE-2022-39872 was published Oct 7, 2022
A maliciously crafted PDF file when parsed through Autodesk AutoCAD 2023 causes an unhandled... High Unreviewed
CVE-2022-33887 was published Oct 4, 2022
A maliciously crafted MODEL and SLDPRT file can be used to write beyond the allocated buffer... High Unreviewed
CVE-2022-33886 was published Oct 4, 2022
A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are... High Unreviewed
CVE-2022-20919 was published Oct 1, 2022
rdiffweb 2.4.1 Missing Custom Error Page Moderate
CVE-2022-3175 was published for rdiffweb (pip) Sep 14, 2022
ProTip! Advisories are also available from the GraphQL API