Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

318 advisories

Loading
A res_pjsip_session crash was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before... Moderate Unreviewed
CVE-2020-28327 was published May 24, 2022
A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR... High Unreviewed
CVE-2020-26070 was published May 24, 2022
A potential DOS vulnerability was discovered in all versions of Gitlab starting from 13.4.x (>=13... Moderate Unreviewed
CVE-2020-26411 was published May 24, 2022
An attacker could send a specially crafted message to Crimson 3.1 (Build versions prior to 3119... Moderate Unreviewed
CVE-2020-27283 was published May 24, 2022
An issue was discovered in res_pjsip_session.c in Digium Asterisk through 13.38.1; 14.x, 15.x,... Moderate Unreviewed
CVE-2021-26906 was published May 24, 2022
A flaw was found in Undertow when using Remoting as shipped in Red Hat Jboss EAP before version 7... High Unreviewed
CVE-2019-19343 was published May 24, 2022
NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 driver branch, contains a... Moderate Unreviewed
CVE-2021-1077 was published May 24, 2022
An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in... Moderate Unreviewed
CVE-2020-21839 was published May 24, 2022
Firefox for Android would become unstable and hard-to-recover when a website opened too many... Moderate Unreviewed
CVE-2021-29962 was published May 24, 2022
In Phoenix Contact FL SWITCH SMCS series products in multiple versions fragmented TCP-Packets may... Moderate Unreviewed
CVE-2021-21003 was published May 24, 2022
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it... High Unreviewed
CVE-2021-1098 was published May 24, 2022
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the... Moderate Unreviewed
CVE-2021-1093 was published May 24, 2022
A vulnerability in an API of the Call Bridge feature of Cisco Meeting Server could allow an... High Unreviewed
CVE-2021-40122 was published May 24, 2022
Belledonne Belle-sip before 5.0.20 can crash applications such as Linphone via " \ " in the... High Unreviewed
CVE-2021-43611 was published May 24, 2022
A vulnerability affecting F-Secure antivirus engine was discovered whereby unpacking UPX file can... Moderate Unreviewed
CVE-2021-40833 was published May 24, 2022
An issue with ARP packets in Arista’s EOS affecting the 7800R3, 7500R3, and 7280R3 series of... High Unreviewed
CVE-2020-24360 was published May 24, 2022
If Ethernet communication of the JTEKT Corporation TOYOPUC product series’ (TOYOPUC-PC10 Series:... High Unreviewed
CVE-2021-27458 was published May 24, 2022
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress... Moderate Unreviewed
CVE-2022-31622 was published May 26, 2022
MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin... Moderate Unreviewed
CVE-2022-31624 was published May 26, 2022
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain... Moderate Unreviewed
CVE-2022-28875 was published May 26, 2022
PingID Windows Login prior to 2.8 is vulnerable to a denial of service condition on local... Moderate Unreviewed
CVE-2022-23717 was published Jul 1, 2022
Jetty SslConnection does not release pooled ByteBuffers in case of errors High
CVE-2022-2191 was published for org.eclipse.jetty:jetty-server (Maven) Jul 7, 2022
A vulnerability classified as critical has been found in TEM FLEX-1085 1.6.0. Affected is an... High Unreviewed
CVE-2022-2591 was published Aug 2, 2022
In BIG-IP Versions 17.0.x before 17.0.0.1 and 16.1.x before 16.1.3.1, when source-port preserve... Moderate Unreviewed
CVE-2022-35272 was published Aug 5, 2022
In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when... High Unreviewed
CVE-2022-35240 was published Aug 5, 2022
ProTip! Advisories are also available from the GraphQL API