GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
4,479 advisories
Filter by severity
Improper Input Validation in yargs-parser
Moderate
Unreviewed
GHSA-ghmj-crg5-xw2j
was published
Feb 15, 2022
Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to...
Moderate
Unreviewed
CVE-2023-20525
was published
Jan 11, 2023
SAS Logon Manager v9.4 was discovered to contain a vulnerability in the web UI which would allow...
Moderate
Unreviewed
CVE-2021-42186
was published
Mar 11, 2022
In setDisplayPadding of WallpaperManagerService.java, there is a possible way to cause a...
Moderate
Unreviewed
CVE-2021-39690
was published
Mar 17, 2022
Multiple CRLF injection vulnerabilities in Adobe ColdFusion 8.0 through 9.0.1 allow remote...
Moderate
Unreviewed
CVE-2011-0581
was published
May 17, 2022
kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not properly verify that the...
Moderate
Unreviewed
CVE-2011-1094
was published
May 17, 2022
Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow 1:4.1.4 allow local...
Moderate
Unreviewed
CVE-2011-0721
was published
May 17, 2022
The tor_realloc function in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not...
Moderate
Unreviewed
CVE-2011-0491
was published
May 17, 2022
WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle...
Moderate
Unreviewed
CVE-2011-0163
was published
May 17, 2022
functions/page_header.php in SquirrelMail 1.4.21 and earlier does not prevent page rendering...
Moderate
Unreviewed
CVE-2010-4554
was published
May 17, 2022
MobileSafari in Apple iOS before 4.3 does not properly implement application launching through...
Moderate
Unreviewed
CVE-2011-0158
was published
May 17, 2022
The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 for Drupal does not...
Moderate
Unreviewed
CVE-2010-4775
was published
May 17, 2022
Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a...
Moderate
Unreviewed
CVE-2021-4068
was published
Dec 24, 2021
Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote...
Moderate
Unreviewed
CVE-2021-4059
was published
Dec 24, 2021
This issue was addressed with a new entitlement. This issue is fixed in macOS Monterey 12.3. An...
Moderate
Unreviewed
CVE-2022-22660
was published
Mar 19, 2022
A user interface issue was addressed. This issue is fixed in watchOS 8.5, Safari 15.4. Visiting a...
Moderate
Unreviewed
CVE-2022-22654
was published
Mar 19, 2022
A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions...
Moderate
Unreviewed
CVE-2021-4219
was published
Mar 24, 2022
GE UR firmware versions prior to version 8.1x web server task does not properly handle receipt of...
Moderate
Unreviewed
CVE-2021-27420
was published
Mar 24, 2022
Apple iOS before 4.2 does not properly validate signatures before displaying a configuration...
Moderate
Unreviewed
CVE-2010-3827
was published
May 17, 2022
ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug is enabled, allows remote attackers...
Moderate
Unreviewed
CVE-2010-4099
was published
May 17, 2022
bareFTP 0.3.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local...
Moderate
Unreviewed
CVE-2010-3350
was published
May 17, 2022
The wmem_block_split_free_chunk function in epan/wmem/wmem_allocator_block.c in the wmem block...
Moderate
Unreviewed
CVE-2015-6242
was published
May 17, 2022
The dissect_openflow_tablemod_v5 function in epan/dissectors/packet-openflow_v5.c in the OpenFlow...
Moderate
Unreviewed
CVE-2015-6247
was published
May 17, 2022
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP...
Moderate
Unreviewed
CVE-2015-6249
was published
May 17, 2022
Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x before 2.4.8 does not properly...
Moderate
Unreviewed
CVE-2010-3476
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API