Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

383 advisories

Loading
An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022... High Unreviewed
CVE-2022-22265 was published Jan 11, 2022
Denial of Service in soketi High
CVE-2022-21667 was published for @soketi/soketi (npm) Jan 8, 2022
Improper handling of exceptional conditions vulnerability in KONICA MINOLTA bizhub series (bizhub... Moderate Unreviewed
CVE-2021-20870 was published Jan 5, 2022
Improper access control in TrustZone due to improper error handling while handling the signing... High Unreviewed
CVE-2021-1894 was published Jan 4, 2022
Possible denial of service due to improper handling of debug register trap from user applications... Moderate Unreviewed
CVE-2021-30283 was published Jan 4, 2022
Possible buffer overflow due to lack of range check while processing a DIAG command for COEX... High Unreviewed
CVE-2021-30289 was published Jan 4, 2022
The HwNearbyMain module has a Improper Handling of Exceptional Conditions vulnerability... Moderate Unreviewed
CVE-2021-37118 was published Jan 4, 2022
In apusys, there is a possible memory corruption due to a missing bounds check. This could lead... Moderate Unreviewed
CVE-2021-0679 was published Dec 18, 2021
In getTitle of AccessPoint.java, there is a possible unhandled exception due to a missing null... Moderate Unreviewed
CVE-2021-0969 was published Dec 16, 2021
An improper check or handling of exceptional conditions in Exynos baseband prior to SMR Dec-2021... High Unreviewed
CVE-2021-25516 was published Dec 9, 2021
There is an Exception log vulnerability in Huawei Smartphone.Successful exploitation of this... High Unreviewed
CVE-2021-37052 was published Dec 9, 2021
An unauthenticated attacker is able to send a special HTTP request, that causes a service to... High Unreviewed
CVE-2021-23859 was published Dec 9, 2021
In apusys, there is a possible memory corruption due to incorrect error handling. This could lead... High Unreviewed
CVE-2021-0668 was published Nov 19, 2021
Exposure of Sensitive Information in keycloak Moderate
CVE-2020-1744 was published for org.keycloak:keycloak-core (Maven) Sep 20, 2021
Uncontrolled Resource Consumption in transpile Moderate
CVE-2021-23429 was published for transpile (npm) Sep 2, 2021
Parse Server crashes with query parameter High
CVE-2021-39187 was published for parse-server (npm) Sep 2, 2021
mstniy
Improper Handling of Exceptional Conditions in detect-character-encoding High
CVE-2021-39157 was published for detect-character-encoding (npm) Aug 25, 2021
Improper Handling of Exceptional Conditions in Apache Tomcat High
CVE-2021-30639 was published for org.apache.tomcat:tomcat (Maven) Aug 13, 2021
MinIO Admin API security issue High Unreviewed
CVE-2020-11012 was published May 24, 2021
vadmeste aead
Ory fosite contains Improper Handling of Exceptional Conditions High
CVE-2020-15223 was published for github.com/ory/fosite (Go) May 24, 2021
jclebreton
github.com/nats-io/nats-server Import token permissions checking not enforced High
GHSA-j756-f273-xhp4 was published for github.com/nats-io/nats-server/v2 (Go) May 21, 2021
Segfault in `tf.raw_ops.SparseCountSparseOutput` Low
CVE-2021-29619 was published for tensorflow (pip) May 21, 2021
Crash in `tf.transpose` with complex inputs Low
CVE-2021-29618 was published for tensorflow (pip) May 21, 2021
Crash in `tf.strings.substr` due to `CHECK`-fail Low
CVE-2021-29617 was published for tensorflow (pip) May 21, 2021
Authorization bypass in github.com/dgrijalva/jwt-go High
CVE-2020-26160 was published for github.com/dgrijalva/jwt-go (Go) May 18, 2021
ProTip! Advisories are also available from the GraphQL API