GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
401 advisories
MISP before 2.4.166 unsafely allows users to use the order parameter, related to app/Model...
Critical
Unreviewed
CVE-2022-48329 was published Feb 20, 2023
Improper conditions check in the Intel(R) SGX SDK software may allow a privileged user to...
Moderate
Unreviewed
CVE-2022-26509 was published Feb 16, 2023
Uncaught exception in the Intel(R) Iris(R) Xe MAX drivers for Windows before version 100.0.5.1436...
Moderate
Unreviewed
CVE-2022-34849 was published Feb 16, 2023
Uncaught exception in webserver for the Integrated BMC in some Intel(R) platforms before versions...
Moderate
Unreviewed
CVE-2022-29493 was published Feb 16, 2023
Uncaught exception in the FCS Server software maintained by Intel before version 1.1.79.3 may...
Moderate
Unreviewed
CVE-2022-36287 was published Feb 16, 2023
A vulnerability in class-of-service (CoS) queue management in Juniper Networks Junos OS on the...
High
Unreviewed
CVE-2023-22391 was published Jan 13, 2023
An improper handling of exceptional conditions vulnerability in Trend Micro Apex One and Apex One...
High
Unreviewed
CVE-2022-44652 was published Dec 12, 2022
Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in...
Low
Unreviewed
CVE-2022-39912 was published Dec 8, 2022
go-merkledag's ProtoNode may be modified such that common method calls may panic
High
CVE-2022-23495 was published for github.com/ipfs/go-merkledag (Go) Dec 8, 2022
Yauaa vulnerable to ArrayIndexOutOfBoundsException triggered by a crafted Sec-Ch-Ua-Full-Version-List
High
CVE-2022-23496 was published for nl.basjes.parse.useragent:yauaa (Maven) Dec 8, 2022
Redmine 5.x before 5.0.4 allows downloading of file attachments of any Issue or any Wiki page due...
High
Unreviewed
CVE-2022-44030 was published Dec 7, 2022
nadesiko3 allows remote attacker to inject invalid value to decodeURIComponent of nako3edit
Moderate
CVE-2022-41777 was published for nadesiko3 (npm) Dec 5, 2022
A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC)...
High
Unreviewed
CVE-2022-20854 was published Nov 16, 2022
Improper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to SMR Nov-2022...
Low
Unreviewed
CVE-2022-39886 was published Nov 10, 2022
Improper access control vulnerability in BootCompletedReceiver_CMCC in DeviceManagement prior to...
Low
Unreviewed
CVE-2022-39885 was published Nov 10, 2022
A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel...
High
Unreviewed
CVE-2022-35268 was published Oct 25, 2022
An unhandled exception in job log parsing in GitLab CE/EE affecting all versions prior to 15.2.5,...
Moderate
Unreviewed
CVE-2022-3279 was published Oct 17, 2022
lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call...
Moderate
Unreviewed
CVE-2022-33748 was published Oct 11, 2022
A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could...
High
Unreviewed
CVE-2022-20920 was published Oct 11, 2022
Traefik HTTP/2 connections management could cause a denial of service
High
CVE-2022-39271 was published for github.com/traefik/traefik/v2 (Go) Oct 10, 2022
In wlan, there is a possible use after free due to an incorrect status check. This could lead to...
Moderate
Unreviewed
CVE-2022-32590 was published Oct 8, 2022
Improper restriction of broadcasting Intent in ShareLive prior to version 13.2.03.5 leaks MAC...
Low
Unreviewed
CVE-2022-39872 was published Oct 7, 2022
A maliciously crafted PDF file when parsed through Autodesk AutoCAD 2023 causes an unhandled...
High
Unreviewed
CVE-2022-33887 was published Oct 4, 2022
A maliciously crafted MODEL and SLDPRT file can be used to write beyond the allocated buffer...
High
Unreviewed
CVE-2022-33886 was published Oct 4, 2022
A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are...
High
Unreviewed
CVE-2022-20919 was published Oct 1, 2022
ProTip! Advisories are also available from the GraphQL API.