GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,090
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
100,303 advisories
In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This...
Moderate | Unreviewed | CVE-2022-20056 was published Mar 11, 2022

In vpu, there is a possible escalation of privilege due to a missing permission check. This could...
Moderate | Unreviewed | CVE-2022-20049 was published Mar 11, 2022

The SAP Focused Run (Real User Monitoring) - versions 200, 300, REST service does not...
Moderate | Unreviewed | CVE-2022-24399 was published Mar 11, 2022

A cross-site scripting (XSS) vulnerability in the component cgi-bin/ej.cgi of Ex libris ALEPH 500...
Moderate | Unreviewed | CVE-2022-24177 was published Mar 11, 2022

Under certain conditions SAP Business Objects Business Intelligence Platform - versions 420, 430,...
Moderate | Unreviewed | CVE-2022-24398 was published Mar 11, 2022

In btif, there is a possible memory corruption due to incorrect error handling. This could lead...
Moderate | Unreviewed | CVE-2022-20057 was published Mar 11, 2022

A stored cross-site scripting vulnerability in marktext versions prior to v0.17.0 due to improper...
Moderate | Unreviewed | CVE-2022-21158 was published Mar 11, 2022

In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This...
Moderate | Unreviewed | CVE-2022-20059 was published Mar 11, 2022

In ims service, there is a possible unexpected application behavior due to incorrect privilege...
Moderate | Unreviewed | CVE-2022-20051 was published Mar 11, 2022

In connsyslogger, there is a possible symbolic link following due to improper link resolution....
Moderate | Unreviewed | CVE-2022-20050 was published Mar 11, 2022

The pointer-validation logic in util/mem_util.rs in Occlum before 0.26.0 for Intel SGX acts as a...
Moderate | Unreviewed | CVE-2021-44421 was published Mar 11, 2022

A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled...
Moderate | Unreviewed | CVE-2021-4095 was published Mar 11, 2022

There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this...
Moderate | Unreviewed | CVE-2021-40059 was published Mar 11, 2022

Ming 0.4.8 has an out-of-bounds buffer access issue in the function decompileINCR_DECR() in...
Moderate | Unreviewed | CVE-2021-34340 was published Mar 11, 2022

This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Permission...
Moderate | Unreviewed | CVE-2021-32006 was published Mar 11, 2022

Northern.tech CFEngine Enterprise 3.15.4 before 3.15.5 has Insecure Permissions that may allow...
Moderate | Unreviewed | CVE-2021-44215 was published Mar 11, 2022

Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.11 allows remote...
Moderate | Unreviewed | CVE-2021-32435 was published Mar 11, 2022

A flaw was found in the io-workqueue implementation in the Linux kernel versions prior to 5.15...
Moderate | Unreviewed | CVE-2021-4023 was published Mar 11, 2022

A NULL pointer dereference flaw was found in the Linux kernel's BPF subsystem in the way a user...
Moderate | Unreviewed | CVE-2022-0433 was published Mar 11, 2022

Northern.tech CFEngine Enterprise before 3.15.5 and 3.18.x before 3.18.1 has Insecure Permissions...
Moderate | Unreviewed | CVE-2021-44216 was published Mar 11, 2022

It was discovered that the /DsaDataTest endpoint is susceptible to Cross-site scripting (XSS)...
Moderate | Unreviewed | CVE-2021-42856 was published Mar 11, 2022

Ming 0.4.8 has an out-of-bounds buffer access issue in the function getString() in decompiler.c...
Moderate | Unreviewed | CVE-2021-34339 was published Mar 11, 2022

Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName() in decompiler.c...
Moderate | Unreviewed | CVE-2021-34338 was published Mar 11, 2022

A Cross-Site Scripting (XSS) attack can cause arbitrary code (JavaScript) to run in a user’s...
Moderate | Unreviewed | CVE-2021-33851 was published Mar 11, 2022

An out-of-bounds read in the function write_title() in subs.c of abcm2ps v8.14.11 allows remote...
Moderate | Unreviewed | CVE-2021-32436 was published Mar 11, 2022
ProTip! Advisories are also available from the GraphQL API.