Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

19 advisories

Loading
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers... Critical Unreviewed
CVE-2021-42142 was published Jan 24, 2024
An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. One incorrect handshake could... Critical Unreviewed
CVE-2021-42141 was published Jan 23, 2024
In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because... Critical Unreviewed
CVE-2023-47100 was published Dec 3, 2023
bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a ... Critical Unreviewed
CVE-2023-38406 was published Nov 6, 2023
Due to insufficient file permissions, unprivileged users could gain access to unencrypted user... Critical Unreviewed
CVE-2023-21408 was published Aug 3, 2023
Due to insufficient file permissions, unprivileged users could gain access to unencrypted... Critical Unreviewed
CVE-2023-21409 was published Aug 3, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed
CVE-2022-23121 was published Mar 28, 2023
Improper Handling of Parameters vulnerability in BG-TEK COSLAT Firewall allows Remote Code... Critical Unreviewed
CVE-2021-4105 was published Feb 24, 2023
app/Controller/Component/IndexFilterComponent.php in MISP before 2.4.167 mishandles... Critical Unreviewed
CVE-2022-48328 was published Feb 20, 2023
MISP before 2.4.166 unsafely allows users to use the order parameter, related to app/Model... Critical Unreviewed
CVE-2022-48329 was published Feb 20, 2023
Denial of service in bottle Critical
CVE-2022-31799 was published for bottle (pip) Jun 3, 2022
An improper handling of exceptional conditions vulnerability exists in Open Design Alliance ODA... Critical Unreviewed
CVE-2021-43272 was published May 24, 2022
Improper handling of length parameter inconsistency vulnerability in Mitsubishi Electric FA... Critical Unreviewed
CVE-2021-20588 was published May 24, 2022
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code... Critical Unreviewed
CVE-2019-12815 was published May 24, 2022
A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in... Critical Unreviewed
CVE-2019-6256 was published May 13, 2022
VeryNginx 0.3.3 allows remote attackers to bypass the Web Application Firewall feature because... Critical Unreviewed
CVE-2018-19991 was published May 13, 2022
A missing error check exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera... Critical Unreviewed
CVE-2017-2877 was published May 13, 2022
burn allows file names to escape via mishandled quotation marks Critical Unreviewed
CVE-2009-5043 was published Apr 21, 2022
Improper Check for Unusual or Exceptional Conditions in Connect2id Nimbus JOSE+JWT Critical
CVE-2019-17195 was published for com.nimbusds:nimbus-jose-jwt (Maven) Oct 16, 2019
ProTip! Advisories are also available from the GraphQL API