Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

4,451 advisories

Loading
Improper Input Validation in yargs-parser Moderate Unreviewed
GHSA-ghmj-crg5-xw2j was published Feb 15, 2022
Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to... Moderate Unreviewed
CVE-2023-20525 was published Jan 11, 2023
SAS Logon Manager v9.4 was discovered to contain a vulnerability in the web UI which would allow... Moderate Unreviewed
CVE-2021-42186 was published Mar 11, 2022
In setDisplayPadding of WallpaperManagerService.java, there is a possible way to cause a... Moderate Unreviewed
CVE-2021-39690 was published Mar 17, 2022
kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not properly verify that the... Moderate Unreviewed
CVE-2011-1094 was published May 17, 2022
Multiple CRLF injection vulnerabilities in Adobe ColdFusion 8.0 through 9.0.1 allow remote... Moderate Unreviewed
CVE-2011-0581 was published May 17, 2022
Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow 1:4.1.4 allow local... Moderate Unreviewed
CVE-2011-0721 was published May 17, 2022
The tor_realloc function in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not... Moderate Unreviewed
CVE-2011-0491 was published May 17, 2022
WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle... Moderate Unreviewed
CVE-2011-0163 was published May 17, 2022
MobileSafari in Apple iOS before 4.3 does not properly implement application launching through... Moderate Unreviewed
CVE-2011-0158 was published May 17, 2022
functions/page_header.php in SquirrelMail 1.4.21 and earlier does not prevent page rendering... Moderate Unreviewed
CVE-2010-4554 was published May 17, 2022
The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 for Drupal does not... Moderate Unreviewed
CVE-2010-4775 was published May 17, 2022
Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a... Moderate Unreviewed
CVE-2021-4068 was published Dec 24, 2021
Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote... Moderate Unreviewed
CVE-2021-4059 was published Dec 24, 2021
This issue was addressed with a new entitlement. This issue is fixed in macOS Monterey 12.3. An... Moderate Unreviewed
CVE-2022-22660 was published Mar 19, 2022
A user interface issue was addressed. This issue is fixed in watchOS 8.5, Safari 15.4. Visiting a... Moderate Unreviewed
CVE-2022-22654 was published Mar 19, 2022
A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions... Moderate Unreviewed
CVE-2021-4219 was published Mar 24, 2022
GE UR firmware versions prior to version 8.1x web server task does not properly handle receipt of... Moderate Unreviewed
CVE-2021-27420 was published Mar 24, 2022
Apple iOS before 4.2 does not properly validate signatures before displaying a configuration... Moderate Unreviewed
CVE-2010-3827 was published May 17, 2022
ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug is enabled, allows remote attackers... Moderate Unreviewed
CVE-2010-4099 was published May 17, 2022
bareFTP 0.3.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local... Moderate Unreviewed
CVE-2010-3350 was published May 17, 2022
The wmem_block_split_free_chunk function in epan/wmem/wmem_allocator_block.c in the wmem block... Moderate Unreviewed
CVE-2015-6242 was published May 17, 2022
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP... Moderate Unreviewed
CVE-2015-6249 was published May 17, 2022
The dissect_openflow_tablemod_v5 function in epan/dissectors/packet-openflow_v5.c in the OpenFlow... Moderate Unreviewed
CVE-2015-6247 was published May 17, 2022
Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x before 2.4.8 does not properly... Moderate Unreviewed
CVE-2010-3476 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database