Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

145 advisories

Loading
Integer truncation in Shard API usage High
CVE-2020-15202 was published for tensorflow (pip) Sep 25, 2020
Ory fosite contains Improper Handling of Exceptional Conditions High
CVE-2020-15223 was published for github.com/ory/fosite (Go) May 24, 2021
jclebreton
Incorrect handling of H2 GOAWAY + SETTINGS frames High
CVE-2021-39162 was published for github.com/pomerium/pomerium (Go) Sep 10, 2021
Uncaught Exception in mercurius High
CVE-2021-43801 was published for mercurius (npm) Dec 13, 2021
Uncaught Exception in engine.io High
CVE-2022-21676 was published for engine.io (npm) Jan 13, 2022
marwej
An Improper Check for Unusual or Exceptional Conditions vulnerability in the processing of... High Unreviewed
CVE-2022-22180 was published Jan 20, 2022
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding... High Unreviewed
CVE-2022-22171 was published Jan 20, 2022
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could... High Unreviewed
CVE-2021-22816 was published Jan 29, 2022
Improper Handling of Exceptional Conditions, Improper Check for Unusual or Exceptional Conditions... High Unreviewed
CVE-2021-22285 was published Feb 10, 2022
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could... High Unreviewed
CVE-2022-24321 was published Feb 11, 2022
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests... High Unreviewed
CVE-2021-3560 was published Feb 17, 2022
A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS... High Unreviewed
CVE-2021-42020 was published Mar 9, 2022
When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows... High Unreviewed
CVE-2022-25252 was published Mar 17, 2022
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packetIO daemon of... High Unreviewed
CVE-2022-22194 was published Apr 15, 2022
A vulnerability in Juniper Networks Junos OS on SRX Series, allows a network-based... High Unreviewed
CVE-2022-22185 was published Apr 15, 2022
On F5 BIG-IP 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x... High Unreviewed
CVE-2022-29473 was published May 6, 2022
On F5 BIG-IP 16.1.x versions prior to 16.1.2 and 15.1.x versions prior to 15.1.5.1, when the DNS... High Unreviewed
CVE-2022-28706 was published May 6, 2022
Nginx NJS v0.7.2 was discovered to contain a segmentation violation via njs_lvlhsh_bucket_find at... High Unreviewed
CVE-2022-29369 was published May 13, 2022
An exploitable unhandled exception vulnerability exists in multiple APIs of CPP-Ethereum JSON-RPC... High Unreviewed
CVE-2017-12119 was published May 13, 2022
An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider... High Unreviewed
CVE-2018-7789 was published May 13, 2022
Failure to check error conditions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote... High Unreviewed
CVE-2019-5763 was published May 13, 2022
Zcash, before the Sapling network upgrade (2018-10-28), had a counterfeiting vulnerability. A key... High Unreviewed
CVE-2019-7167 was published May 13, 2022
The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not... High Unreviewed
CVE-2014-1737 was published May 13, 2022
QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will... High Unreviewed
CVE-2018-0005 was published May 13, 2022
An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local... High Unreviewed
CVE-2017-0610 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database