GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
169 advisories
Filter by severity
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain...
Moderate
Unreviewed
CVE-2022-28875
was published
May 26, 2022
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress...
Moderate
Unreviewed
CVE-2022-31622
was published
May 26, 2022
MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin...
Moderate
Unreviewed
CVE-2022-31624
was published
May 26, 2022
A vulnerability affecting F-Secure antivirus engine was discovered whereby unpacking UPX file can...
Moderate
Unreviewed
CVE-2021-40833
was published
May 24, 2022
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the...
Moderate
Unreviewed
CVE-2021-1093
was published
May 24, 2022
In Phoenix Contact FL SWITCH SMCS series products in multiple versions fragmented TCP-Packets may...
Moderate
Unreviewed
CVE-2021-21003
was published
May 24, 2022
Firefox for Android would become unstable and hard-to-recover when a website opened too many...
Moderate
Unreviewed
CVE-2021-29962
was published
May 24, 2022
An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in...
Moderate
Unreviewed
CVE-2020-21839
was published
May 24, 2022
NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 driver branch, contains a...
Moderate
Unreviewed
CVE-2021-1077
was published
May 24, 2022
An issue was discovered in res_pjsip_session.c in Digium Asterisk through 13.38.1; 14.x, 15.x,...
Moderate
Unreviewed
CVE-2021-26906
was published
May 24, 2022
An attacker could send a specially crafted message to Crimson 3.1 (Build versions prior to 3119...
Moderate
Unreviewed
CVE-2020-27283
was published
May 24, 2022
A potential DOS vulnerability was discovered in all versions of Gitlab starting from 13.4.x (>=13...
Moderate
Unreviewed
CVE-2020-26411
was published
May 24, 2022
A res_pjsip_session crash was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before...
Moderate
Unreviewed
CVE-2020-28327
was published
May 24, 2022
A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat...
Moderate
Unreviewed
CVE-2020-14307
was published
May 24, 2022
Unless a nameserver is providing authoritative service for one or more zones and at least one...
Moderate
Unreviewed
CVE-2020-8619
was published
May 24, 2022
Trustwave ModSecurity 3.0.0 through 3.0.3 allows an attacker to send crafted requests that may,...
Moderate
Unreviewed
CVE-2019-19886
was published
May 24, 2022
A vulnerability in the remote access VPN session manager of Cisco Adaptive Security Appliance ...
Moderate
Unreviewed
CVE-2019-1705
was published
May 24, 2022
drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 uses a spinlock without...
Moderate
Unreviewed
CVE-2017-8071
was published
May 17, 2022
The NFSv4 implementation in the Linux kernel through 4.11.1 allows local users to cause a denial...
Moderate
Unreviewed
CVE-2017-9059
was published
May 13, 2022
The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4...
Moderate
Unreviewed
CVE-2017-8925
was published
May 13, 2022
The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of...
Moderate
Unreviewed
CVE-2017-7472
was published
May 13, 2022
A denial of service vulnerability in the Android media framework (libmediaplayerservice). Product...
Moderate
Unreviewed
CVE-2017-0733
was published
May 13, 2022
Wago 750 Series PLCs with firmware version 10 and prior include a remote attack may take...
Moderate
Unreviewed
CVE-2018-8836
was published
May 13, 2022
Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never...
Moderate
Unreviewed
CVE-2017-1000369
was published
May 13, 2022
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x...
Moderate
Unreviewed
CVE-2018-11055
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API