GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
30 advisories
In Open5GS 2.4.0, a crafted packet from UE can crash SGW-U/UPF.
High | Unreviewed | CVE-2021-45462 was published Dec 24, 2021

ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper...
High | Unreviewed | CVE-2021-44158 was published Jan 4, 2022

A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap...
High | Unreviewed | CVE-2021-46158 was published Feb 10, 2022

The Popup | Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on...
High | Unreviewed | CVE-2022-0214 was published Feb 15, 2022

A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the...
High | Unreviewed | CVE-2022-26128 was published Mar 4, 2022

A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to missing a check on the...
High | Unreviewed | CVE-2022-26127 was published Mar 4, 2022

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input...
High | Unreviewed | CVE-2022-26125 was published Mar 4, 2022

A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft...
High | Unreviewed | CVE-2021-21943 was published Apr 15, 2022

Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2, does not properly validate the...
High | Unreviewed | CVE-2008-1440 was published May 1, 2022

src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3...
High | Unreviewed | CVE-2008-2374 was published May 1, 2022

A vulnerability in the HCI Modbus TCP COMPONENT of Hitachi Energy RTU500 series CMU Firmware that...
High | Unreviewed | CVE-2022-28613 was published May 3, 2022

The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol...
High | Unreviewed | CVE-2010-3904 was published May 13, 2022

NHI’s health insurance web service component has insufficient validation for input string length,...
High | Unreviewed | CVE-2021-45918 was published Jun 21, 2022

libtiff's tiffcrop utility has an improper input validation flaw that can lead to out of bounds...
High | Unreviewed | CVE-2022-2868 was published Aug 18, 2022

Improper Input Validation vulnerability exists in the Hitachi Energy MicroSCADA X SYS600's ICCP...
High | Unreviewed | CVE-2022-2277 was published Sep 15, 2022

Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series...
High | Unreviewed | CVE-2022-20690 was published Dec 12, 2022

Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series...
High | Unreviewed | CVE-2022-20689 was published Dec 12, 2022

A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1),...
High | Unreviewed | CVE-2021-44693 was published Dec 13, 2022

The demon image annotation plugin for WordPress is vulnerable to improper input validation in...
High | Unreviewed | CVE-2022-4171 was published Dec 13, 2022

For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling...
High | Unreviewed | CVE-2021-28510 was published Jan 26, 2023

A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the...
High | Unreviewed | CVE-2022-4904 was published Mar 7, 2023

A denial of service attack might be launched against the server if an unusually lengthy password ...
High | Unreviewed | CVE-2023-30082 was published Jun 14, 2023

The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers.
High | Unreviewed | CVE-2023-34188 was published Jun 23, 2023

Denial-of-service (DoS) vulnerability due to improper validation of specified type of input issue...
High | Unreviewed | CVE-2023-38744 was published Aug 3, 2023

Faulty input validation in the core of Apache allows malicious or exploitable backend/content...
High | Unreviewed | CVE-2023-38709 was published Apr 4, 2024

ProTip! Advisories are also available from the GraphQL API.