Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

318 advisories

Loading
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, has been... Moderate Unreviewed
CVE-2017-20014 was published Mar 29, 2022
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic has been found in WEKA... Moderate Unreviewed
CVE-2017-20012 was published Mar 29, 2022
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in WEKA INTEREST Security Scanner 1.8.... Moderate Unreviewed
CVE-2017-20011 was published Mar 29, 2022
BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND... Moderate Unreviewed
CVE-2022-0396 was published Mar 24, 2022
TeamViewer Linux versions before 15.28 do not properly execute a deletion command for the... Moderate Unreviewed
CVE-2022-23242 was published Mar 24, 2022
Tor Browser 9.0.7 on Windows 10 build 10586 is vulnerable to information disclosure. This could... Moderate Unreviewed
CVE-2021-46702 was published Feb 27, 2022
Denial of Service in Packetbeat High
CVE-2017-11480 was published for github.com/elastic/beats (Go) Feb 15, 2022
Puma used with Rails may lead to Information Exposure High
CVE-2022-23634 was published for puma (RubyGems) Feb 11, 2022
byroot
A DoS attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote... High Unreviewed
CVE-2021-41441 was published Feb 10, 2022
On BIG-IP versions 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all... High Unreviewed
CVE-2022-23010 was published Jan 26, 2022
Duktape v2.99.99 was discovered to contain a SEGV vulnerability via the component duk_push_tval... Moderate Unreviewed
CVE-2021-46322 was published Jan 21, 2022
Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information... Moderate Unreviewed
CVE-2021-28715 was published Jan 7, 2022
Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information... Moderate Unreviewed
CVE-2021-28714 was published Jan 7, 2022
HDF5 1.13.1-1 is affected by: segmentation fault, which causes a Denial of Service. Moderate Unreviewed
CVE-2021-45829 was published Jan 4, 2022
The TCP Server module in toxcore before 0.2.8 doesn't free the TCP priority queue under certain... High Unreviewed
CVE-2018-25021 was published Dec 14, 2021
Improper Resource Shutdown or Release in TYPO3 extension High
CVE-2021-38623 was published for webcoast/deferred-image-processing (Composer) Aug 30, 2021
Improper Resource Shutdown or Release in HashiCorp Vault High
CVE-2020-7220 was published for github.com/hashicorp/vault (Go) Jul 28, 2021
Pyopenssl Incorrect Memory Management Moderate
CVE-2018-1000808 was published for pyopenssl (pip) Oct 10, 2018
ProTip! Advisories are also available from the GraphQL API