Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

4,426 advisories

Loading
Improper Input Validation in yargs-parser Moderate Unreviewed
GHSA-ghmj-crg5-xw2j was published Feb 15, 2022
Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to... Moderate Unreviewed
CVE-2023-20525 was published Jan 11, 2023
SAS Logon Manager v9.4 was discovered to contain a vulnerability in the web UI which would allow... Moderate Unreviewed
CVE-2021-42186 was published Mar 11, 2022
In setDisplayPadding of WallpaperManagerService.java, there is a possible way to cause a... Moderate Unreviewed
CVE-2021-39690 was published Mar 17, 2022
Multiple CRLF injection vulnerabilities in Adobe ColdFusion 8.0 through 9.0.1 allow remote... Moderate Unreviewed
CVE-2011-0581 was published May 17, 2022
kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not properly verify that the... Moderate Unreviewed
CVE-2011-1094 was published May 17, 2022
Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow 1:4.1.4 allow local... Moderate Unreviewed
CVE-2011-0721 was published May 17, 2022
The tor_realloc function in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not... Moderate Unreviewed
CVE-2011-0491 was published May 17, 2022
WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle... Moderate Unreviewed
CVE-2011-0163 was published May 17, 2022
functions/page_header.php in SquirrelMail 1.4.21 and earlier does not prevent page rendering... Moderate Unreviewed
CVE-2010-4554 was published May 17, 2022
MobileSafari in Apple iOS before 4.3 does not properly implement application launching through... Moderate Unreviewed
CVE-2011-0158 was published May 17, 2022
The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 for Drupal does not... Moderate Unreviewed
CVE-2010-4775 was published May 17, 2022
Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a... Moderate Unreviewed
CVE-2021-4068 was published Dec 24, 2021
Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote... Moderate Unreviewed
CVE-2021-4059 was published Dec 24, 2021
This issue was addressed with a new entitlement. This issue is fixed in macOS Monterey 12.3. An... Moderate Unreviewed
CVE-2022-22660 was published Mar 19, 2022
A user interface issue was addressed. This issue is fixed in watchOS 8.5, Safari 15.4. Visiting a... Moderate Unreviewed
CVE-2022-22654 was published Mar 19, 2022
A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions... Moderate Unreviewed
CVE-2021-4219 was published Mar 24, 2022
GE UR firmware versions prior to version 8.1x web server task does not properly handle receipt of... Moderate Unreviewed
CVE-2021-27420 was published Mar 24, 2022
Apple iOS before 4.2 does not properly validate signatures before displaying a configuration... Moderate Unreviewed
CVE-2010-3827 was published May 17, 2022
bareFTP 0.3.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local... Moderate Unreviewed
CVE-2010-3350 was published May 17, 2022
ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug is enabled, allows remote attackers... Moderate Unreviewed
CVE-2010-4099 was published May 17, 2022
The wmem_block_split_free_chunk function in epan/wmem/wmem_allocator_block.c in the wmem block... Moderate Unreviewed
CVE-2015-6242 was published May 17, 2022
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP... Moderate Unreviewed
CVE-2015-6249 was published May 17, 2022
The dissect_openflow_tablemod_v5 function in epan/dissectors/packet-openflow_v5.c in the OpenFlow... Moderate Unreviewed
CVE-2015-6247 was published May 17, 2022
Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x before 2.4.8 does not properly... Moderate Unreviewed
CVE-2010-3476 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API