GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
4,643 advisories
Filter by severity
Improper input validation in all versions of GitLab CE/EE using sendmail to send emails allowed...
High
Unreviewed
CVE-2022-0741
was published
Apr 3, 2022
Improper Input Validation vulnerability in ABB 800xA, Control Software for AC 800M, Control...
High
Unreviewed
CVE-2021-22277
was published
Apr 3, 2022
In Audio Aurisys HAL, there is a possible permission bypass due to a missing permission check....
High
Unreviewed
CVE-2021-0673
was published
Dec 18, 2021
In Settings, there is a possible way to display an incorrect app name due to improper input...
High
Unreviewed
CVE-2021-39764
was published
Mar 31, 2022
In Settings, there is a possible way to misrepresent which app wants to add a wifi network due to...
High
Unreviewed
CVE-2021-39771
was published
Mar 31, 2022
Improper input validation vulnerability in pfSense CE and pfSense Plus (pfSense CE software...
High
Unreviewed
CVE-2022-24299
was published
Apr 1, 2022
In Settings, there is a possible way to make the user enable WiFi due to improper input...
High
Unreviewed
CVE-2021-39763
was published
Mar 31, 2022
The (1) ActiveMatrix Runtime and (2) ActiveMatrix Administrator components in TIBCO ActiveMatrix...
High
Unreviewed
CVE-2010-3491
was published
May 17, 2022
Unrestricted Upload of File with Dangerous Type in Gogs
High
CVE-2022-0415
was published
for
gogs.io/gogs
(Go)
Mar 28, 2022
This vulnerability can be exploited by parsing maliciously crafted project files with Horner...
High
Unreviewed
CVE-2021-44462
was published
Mar 26, 2022
The lack of validation of a key-value field in the Splunk-to-Splunk protocol results in a denial...
High
Unreviewed
CVE-2021-3422
was published
Mar 26, 2022
Improper Input Validation vulnerability in request line parsing of Apache Traffic Server allows...
High
Unreviewed
CVE-2021-44040
was published
Mar 24, 2022
SolarWinds received a report of a vulnerability related to an input that was not sanitized in...
High
Unreviewed
CVE-2021-35254
was published
Mar 26, 2022
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.4 and...
High
Unreviewed
CVE-2022-22653
was published
Mar 19, 2022
Path traversal in elFinder.NetCore
High
CVE-2021-23428
was published
for
elFinder.NetCore
(NuGet)
Sep 2, 2021
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not...
High
Unreviewed
CVE-2010-4679
was published
May 17, 2022
Regular Expression Denial-of-Service in npm schema-inspector
High
CVE-2021-21267
was published
for
schema-inspector
(npm)
Mar 19, 2021
xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute...
High
Unreviewed
CVE-2011-0465
was published
May 17, 2022
In serviceConnection of ControlsProviderLifecycleManager.kt, there is a possible way to keep...
High
Unreviewed
CVE-2021-39701
was published
Mar 17, 2022
The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain...
High
Unreviewed
CVE-2016-9919
was published
May 17, 2022
Sanitize vulnerable to Improper Input Validation and Cross-site Scripting
High
CVE-2018-3740
was published
for
sanitize
(RubyGems)
Mar 21, 2018
gatsby-transformer-remark has possible unsanitized JavaScript code injection
High
CVE-2023-22491
was published
for
gatsby-transformer-remark
(npm)
Jan 11, 2023
Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an...
High
Unreviewed
CVE-2021-37150
was published
Aug 11, 2022
Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server...
High
Unreviewed
CVE-2022-28129
was published
Aug 11, 2022
Insufficient type validation in pocketmine/pocketmine-mp
High
GHSA-g5rr-p69h-7v3g
was published
for
pocketmine/pocketmine-mp
(Composer)
Apr 22, 2022
ProTip!
Advisories are also available from the
GraphQL API