GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
517 advisories
Denial of Service (DoS) in mongo-express | Moderate | CVE-2021-23372 was published for mongo-express (npm) | Oct 6, 2021
Incorrect handling of H2 GOAWAY + SETTINGS frames | High | CVE-2021-39162 was published for github.com/pomerium/pomerium (Go) | Sep 10, 2021
Authz Module Non-Determinism | Moderate | CVE-2021-41135 was published for github.com/cosmos/cosmos-sdk (Go) | Oct 21, 2021
Unauthorized client-side property update in UIDL request handler in Vaadin 10 and 11 | Low | CVE-2018-25007 was published for com.vaadin:flow-server (Maven) | Apr 19, 2021
When configuring a stateless firewall filter in Junos OS, terms named using the format "internal... | Critical | Unreviewed | CVE-2019-0036 was published | May 13, 2022
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in... | High | Unreviewed | CVE-2019-6831 was published | May 24, 2022
gio/gsocketclient.c in GNOME GLib 2.59.2 does not ensure that a parent GTask remains alive during... | Moderate | Unreviewed | CVE-2019-9633 was published | May 13, 2022
An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider... | High | Unreviewed | CVE-2018-7789 was published | May 13, 2022
Improper Check for Unusual or Exceptional Conditions in Connect2id Nimbus JOSE+JWT | Critical | CVE-2019-17195 was published for com.nimbusds:nimbus-jose-jwt (Maven) | Oct 16, 2019
Nginx NJS v0.7.2 was discovered to contain a segmentation violation via njs_lvlhsh_bucket_find at... | High | Unreviewed | CVE-2022-29369 was published | May 13, 2022
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x... | Moderate | Unreviewed | CVE-2022-26130 was published | May 6, 2022
On F5 BIG-IP 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x... | High | Unreviewed | CVE-2022-29473 was published | May 6, 2022
On F5 BIG-IP 16.1.x versions prior to 16.1.2 and 15.1.x versions prior to 15.1.5.1, when the DNS... | High | Unreviewed | CVE-2022-28706 was published | May 6, 2022
Given the TEE is compromised and controlled by the attacker, improper state maintenance in... | Moderate | Unreviewed | CVE-2022-28793 was published | May 4, 2022
Improper Check for Unusual or Exceptional Conditions vulnerability in handling the requests to... | Moderate | Unreviewed | CVE-2022-37392 was published | Dec 19, 2022
Improper Check for Unusual or Exceptional Conditions vulnerability handling requests in Apache... | High | Unreviewed | CVE-2022-32749 was published | Dec 19, 2022
Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable... | Low | Unreviewed | CVE-2019-11139 was published | May 24, 2022
XPDF commit ffaf11c was discovered to contain a segmentation violation via DCTStream::getChar()... | Moderate | Unreviewed | CVE-2022-38235 was published | Aug 17, 2022
SWFMill commit 53d7690 was discovered to contain a segmentation violation via SWF::Reader:... | Moderate | Unreviewed | CVE-2022-36145 was published | Aug 17, 2022
SWFMill commit 53d7690 was discovered to contain a segmentation violation via SWF::MethodBody:... | Moderate | Unreviewed | CVE-2022-36141 was published | Aug 17, 2022
XPDF commit ffaf11c was discovered to contain a segmentation violation via Lexer::getObj(Object*)... | Moderate | Unreviewed | CVE-2022-38234 was published | Aug 17, 2022
SWFMill commit 53d7690 was discovered to contain a segmentation violation via SWF:... | Moderate | Unreviewed | CVE-2022-36140 was published | Aug 17, 2022
XPDF commit ffaf11c was discovered to contain a segmentation violation via DCTStream::readMCURow(... | Moderate | Unreviewed | CVE-2022-38233 was published | Aug 17, 2022
An exploitable unhandled exception vulnerability exists in multiple APIs of CPP-Ethereum JSON-RPC... | High | Unreviewed | CVE-2017-12119 was published | May 13, 2022
Sylabs Singularity 3.5.x and 3.6.x, and SingularityPRO before 3.5-8, has an Incorrect Check of a... | Critical | Unreviewed | CVE-2021-33622 was published | May 24, 2022