GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,046
Maven
5,000+
npm
3,737
NuGet
663
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
100 advisories
Filter by severity
A vulnerability in the HCI Modbus TCP COMPONENT of Hitachi Energy RTU500 series CMU Firmware that...
High
Unreviewed
CVE-2022-28613
was published
May 3, 2022
src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3...
High
Unreviewed
CVE-2008-2374
was published
May 1, 2022
Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2, does not properly validate the...
High
Unreviewed
CVE-2008-1440
was published
May 1, 2022
A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft...
High
Unreviewed
CVE-2021-21943
was published
Apr 15, 2022
Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input...
High
Unreviewed
CVE-2022-26125
was published
Mar 4, 2022
A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the...
High
Unreviewed
CVE-2022-26128
was published
Mar 4, 2022
A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to missing a check on the...
High
Unreviewed
CVE-2022-26127
was published
Mar 4, 2022
Unauthenticated control plane denial of service attack in Istio
High
CVE-2022-23635
was published
for
istio.io/istio
(Go)
Feb 23, 2022
Microweber vulnerable to Improper Validation of Specified Quantity in Input
Moderate
CVE-2022-0596
was published
for
microweber/microweber
(Composer)
Feb 16, 2022
The Popup | Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on...
High
Unreviewed
CVE-2022-0214
was published
Feb 15, 2022
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers...
Critical
Unreviewed
CVE-2022-20699
was published
Feb 11, 2022
Improper Validation of Specified Quantity in Input in Eclipse Hono
High
CVE-2020-27217
was published
for
org.eclipse.hono:hono-core
(Maven)
Feb 10, 2022
A stack-based buffer overflow vulnerability exists in both the LLMNR functionality of Sealevel...
Critical
Unreviewed
CVE-2021-21960
was published
Feb 10, 2022
A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap...
High
Unreviewed
CVE-2021-46158
was published
Feb 10, 2022
Abort caused by allocating a vector that is too large in Tensorflow
Moderate
CVE-2022-23580
was published
for
tensorflow
(pip)
Feb 7, 2022
Dolibarr vulnerable to Improper Validation of Specified Quantity in Input
Moderate
CVE-2022-0414
was published
for
dolibarr/dolibarr
(Composer)
Feb 1, 2022
An Improper Validation of Specified Quantity in Input vulnerability in the routing protocol...
Moderate
Unreviewed
CVE-2022-22166
was published
Jan 20, 2022
Logic error in dolibarr
Moderate
CVE-2022-0174
was published
for
dolibarr/dolibarr
(Composer)
Jan 12, 2022
ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper...
High
Unreviewed
CVE-2021-44158
was published
Jan 4, 2022
In Open5GS 2.4.0, a crafted packet from UE can crash SGW-U/UPF.
High
Unreviewed
CVE-2021-45462
was published
Dec 24, 2021
An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST...
Critical
Unreviewed
CVE-2021-21950
was published
Dec 9, 2021
An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST...
Critical
Unreviewed
CVE-2021-21951
was published
Dec 9, 2021
Transaction validity oversight in pallet-ethereum
Moderate
CVE-2021-39193
was published
for
pallet-ethereum
(Rust)
Sep 1, 2021
Incomplete validation in `MaxPoolGrad`
Moderate
CVE-2021-37674
was published
for
tensorflow
(pip)
Aug 25, 2021
Missing validation in shape inference for `Dequantize`
Moderate
CVE-2021-37677
was published
for
tensorflow
(pip)
Aug 25, 2021
ProTip!
Advisories are also available from the
GraphQL API