Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
57
GitHub Actions
50
Go
3,767
Maven
5,000+
npm
5,000+
NuGet
937
pip
4,999
Pub
13
RubyGems
1,058
Rust
1,347
Swift
54
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

49 advisories

Loading
IBM Sterling Partner Engagement Manager 6.2.0 could allow an attacker to impersonate another user... High Unreviewed
CVE-2022-22332 was published Apr 2, 2022
An Operation on a Resource after Expiration or Release vulnerability in the Routing Protocol... High Unreviewed
CVE-2022-22197 was published Apr 15, 2022
User invites for Funkwhale v1.2.8 do not permanently expire after being used for signup and can... Moderate Unreviewed
CVE-2022-45292 was published Dec 10, 2022
A denial-of-service vulnerability exists in the Ethernet/IP server functionality of the EIP Stack... High Unreviewed
CVE-2020-13530 was published May 24, 2022
When Responsive Design Mode was enabled, it used references to objects that were previously freed... High Unreviewed
CVE-2021-23995 was published May 24, 2022
TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to... High Unreviewed
CVE-2019-15691 was published May 24, 2022
A flaw was found in OpenStack. The application credential tokens can be used even after they have... High Unreviewed
CVE-2022-2447 was published Sep 2, 2022
An elevation of privilege vulnerability in CameraBase could enable a local malicious application... High Unreviewed
CVE-2017-0544 was published May 13, 2022
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the... High Unreviewed
CVE-2017-14895 was published May 13, 2022
get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege... High Unreviewed
CVE-2020-25221 was published May 24, 2022
An issue with app access to camera data was addressed with improved logic. This issue is fixed in... Low Unreviewed
CVE-2022-42838 was published Feb 27, 2023
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.4),... High Unreviewed
CVE-2021-37185 was published Feb 10, 2022
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.4),... High Unreviewed
CVE-2021-37204 was published Feb 10, 2022
Philips Vue PACS versions 12.2.x.x and prior uses a cryptographic key or password past its... High Unreviewed
CVE-2021-33020 was published Apr 3, 2022
A flaw was found in the QEMU Virtio PCI Bindings (hw/virtio/virtio-pci.c). An improper release... Moderate Unreviewed
CVE-2024-4693 was published May 14, 2024
When the NGINX Plus is configured to use the MQTT pre-read module, undisclosed requests can cause... High Unreviewed
CVE-2024-39792 was published Aug 14, 2024
TouchLink packets processed after timeout or out of range due to Operation on a Resource after... Critical Unreviewed
CVE-2023-41094 was published Oct 4, 2023
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash caused... Moderate Unreviewed
CVE-2024-49953 was published Oct 21, 2024
In the Linux kernel, the following vulnerability has been resolved: virtio_net: correct... Moderate Unreviewed
CVE-2024-56674 was published Dec 27, 2024
IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain... Moderate Unreviewed
CVE-2024-31893 was published May 22, 2024
IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain... Moderate Unreviewed
CVE-2024-31894 was published May 22, 2024
IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain... Moderate Unreviewed
CVE-2024-31895 was published May 22, 2024
In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid... High Unreviewed
CVE-2021-47069 was published Mar 2, 2024
Dell Avamar, version 19.4 or later, contains an access token reuse vulnerability in the AUI. A... Moderate Unreviewed
CVE-2025-21117 was published Feb 5, 2025
Premature release of resource during expected lifetime in the Intel(R) SGX SDK software may allow... Moderate Unreviewed
CVE-2022-27499 was published Nov 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database