GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,763
Composer 4,248
Erlang 31
GitHub Actions 21
Go 2,010
Maven 5,201
npm 3,719
NuGet 662
pip 3,391
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 236,113

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

30 advisories

Filter by severity

Sort by

Least recently updated

Florent Thiéry has found that selected Axis devices were vulnerable to handling certain ethernet... High Unreviewed

CVE-2024-47257 was published Nov 26, 2024

A memory corruption vulnerability exists in the affected products when parsing DFT files. Local... High Unreviewed

CVE-2024-6068 was published Nov 14, 2024

The ctl_report_supported_opcodes function did not sufficiently validate a field provided by... High Unreviewed

CVE-2024-42416 was published Sep 5, 2024

A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow... High Unreviewed

CVE-2024-5102 was published Jun 10, 2024

Improper Validation of Specified Quantity in Input vulnerability in Tips and Tricks HQ WP Express... High Unreviewed

CVE-2024-30527 was published May 17, 2024

Faulty input validation in the core of Apache allows malicious or exploitable backend/content... High Unreviewed

CVE-2023-38709 was published Apr 4, 2024

Denial-of-service (DoS) vulnerability due to improper validation of specified type of input issue... High Unreviewed

CVE-2023-38744 was published Aug 3, 2023

The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers. High Unreviewed

CVE-2023-34188 was published Jun 23, 2023

A denial of service attack might be launched against the server if an unusually lengthy password ... High Unreviewed

CVE-2023-30082 was published Jun 14, 2023

A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the... High Unreviewed

CVE-2022-4904 was published Mar 7, 2023

For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling... High Unreviewed

CVE-2021-28510 was published Jan 26, 2023

The demon image annotation plugin for WordPress is vulnerable to improper input validation in... High Unreviewed

CVE-2022-4171 was published Dec 13, 2022

A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1),... High Unreviewed

CVE-2021-44693 was published Dec 13, 2022

Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series... High Unreviewed

CVE-2022-20690 was published Dec 12, 2022

Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series... High Unreviewed

CVE-2022-20689 was published Dec 12, 2022

Improper Input Validation vulnerability exists in the Hitachi Energy MicroSCADA X SYS600's ICCP... High Unreviewed

CVE-2022-2277 was published Sep 15, 2022

libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds... High Unreviewed

CVE-2022-2868 was published Aug 18, 2022

NHI’s health insurance web service component has insufficient validation for input string length,... High Unreviewed

CVE-2021-45918 was published Jun 21, 2022

The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol... High Unreviewed

CVE-2010-3904 was published May 13, 2022

A vulnerability in the HCI Modbus TCP COMPONENT of Hitachi Energy RTU500 series CMU Firmware that... High Unreviewed

CVE-2022-28613 was published May 3, 2022

src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3... High Unreviewed

CVE-2008-2374 was published May 1, 2022

Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2, does not properly validate the... High Unreviewed

CVE-2008-1440 was published May 1, 2022

A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft... High Unreviewed

CVE-2021-21943 was published Apr 15, 2022

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input... High Unreviewed

CVE-2022-26125 was published Mar 4, 2022

A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the... High Unreviewed

CVE-2022-26128 was published Mar 4, 2022

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

30 advisories