GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
72 advisories
Filter by severity
An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an...
High
Unreviewed
CVE-2021-23146
was published
Nov 19, 2021
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 14...
Moderate
Unreviewed
CVE-2021-39917
was published
Dec 14, 2021
An issue was discovered in split_region in uc.c in Unicorn Engine before 2.0.0-rc5. It allows...
High
Unreviewed
CVE-2021-44078
was published
Dec 27, 2021
A Segmentation fault caused by a floating point exception exists in Gpac through 1.0.1 using...
Moderate
Unreviewed
CVE-2021-40562
was published
Jan 13, 2022
A limited authentication bypass vulnerability was discovered that could allow an attacker to...
High
Unreviewed
CVE-2022-22990
was published
Jan 14, 2022
On BIG-IP versions 15.1.x before 15.1.4, 14.1.x before 14.1.4.4, 13.1.x beginning in 13.1.3.6, 12...
Moderate
Unreviewed
CVE-2022-23027
was published
Jan 26, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
High
Unreviewed
CVE-2021-34865
was published
Jan 26, 2022
Incorrect Comparison, Permissive List of Allowed Inputs, and Privilege Context Switching Error in PostgreSQL
Critical
Unreviewed
CVE-2020-25696
was published
Feb 15, 2022
In search engine service, there is a possible way to change the default search engine due to an...
Moderate
Unreviewed
CVE-2022-20072
was published
Apr 12, 2022
xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the...
Moderate
Unreviewed
CVE-2005-2801
was published
May 1, 2022
Google Chrome before 16.0.912.63 does not properly perform regex matching, which allows remote...
Moderate
Unreviewed
CVE-2011-3903
was published
May 13, 2022
Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1...
High
Unreviewed
CVE-2016-10003
was published
May 17, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
High
Unreviewed
CVE-2020-8864
was published
May 24, 2022
An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores...
Moderate
Unreviewed
CVE-2019-20634
was published
May 24, 2022
A flaw was found in openshift-ansible. OpenShift Container Platform (OCP) 3.11 is too permissive...
Moderate
Unreviewed
CVE-2020-1741
was published
May 24, 2022
An unauthenticated client can trigger denial of service by issuing specially crafted wire...
High
Unreviewed
CVE-2019-20925
was published
May 24, 2022
A denial-of-service vulnerability exists in the traffic-logging functionality of FreyrSCADA IEC...
High
Unreviewed
CVE-2020-13559
was published
May 24, 2022
oscommerce v2.3.4.1 has a functional problem in user registration and password rechecking, where...
Critical
Unreviewed
CVE-2020-23360
was published
May 24, 2022
WeBid 1.2.2 admin/newuser.php has an issue with password rechecking during registration because...
Critical
Unreviewed
CVE-2020-23359
was published
May 24, 2022
phpList 3.5.3 allows type juggling for login bypass because == is used instead of === for...
Critical
Unreviewed
CVE-2020-23361
was published
May 24, 2022
A denial of service vulnerability was found in n_tty_receive_char_special in drivers/tty/n_tty.c...
Moderate
Unreviewed
CVE-2021-20219
was published
May 24, 2022
The Sieve engine in Dovecot before 2.3.15 allows Uncontrolled Resource Consumption, as...
Moderate
Unreviewed
CVE-2020-28200
was published
May 24, 2022
A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) of Juniper Networks...
Moderate
Unreviewed
CVE-2021-0295
was published
May 24, 2022
chatwoot is vulnerable to Inefficient Regular Expression Complexity
High
Unreviewed
CVE-2021-3649
was published
May 24, 2022
In JetBrains YouTrack before 2021.2.16363, time-unsafe comparisons were used.
High
Unreviewed
CVE-2021-37550
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API