Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

61 advisories

Loading
A flaw was found in the OpenShift web console, where the access token is stored in the browser's... Moderate Unreviewed
CVE-2020-1761 was published May 24, 2022
Curam Universal Access in IBM Curam Social Program Management (SPM) 6.0 SP2 before EP26, 6.0.4... Moderate Unreviewed
CVE-2014-4843 was published May 17, 2022
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query,... Moderate Unreviewed
CVE-2020-25685 was published May 24, 2022
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check... Moderate Unreviewed
CVE-2020-25686 was published May 24, 2022
A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for... Moderate Unreviewed
CVE-2021-3448 was published May 24, 2022
The DeepL Pro API translation plugin WordPress plugin before 1.7.5 discloses sensitive... High Unreviewed
CVE-2022-3691 was published Nov 21, 2022
Spring Framework allows applications to expose STOMP over WebSocket endpoints Critical
CVE-2018-1270 was published for org.springframework:spring-core (Maven) Oct 17, 2018
IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information... High Unreviewed
CVE-2016-3017 was published May 13, 2022
Dell EMC iDRAC6, versions prior to 2.91, iDRAC7/iDRAC8, versions prior to 2.60.60.60 and iDRAC9,... High Unreviewed
CVE-2018-1243 was published May 13, 2022
Samba from version 4.9.0 and before version 4.9.3 that have AD DC configurations watching for bad... Moderate Unreviewed
CVE-2018-16857 was published May 13, 2022
A vulnerability in the container management subsystem of Cisco Digital Network Architecture (DNA)... Critical Unreviewed
CVE-2018-0268 was published May 13, 2022
A Violation of Secure Design Principles issue was discovered in Schneider Electric Modicon Modbus... Moderate Unreviewed
CVE-2017-6032 was published May 13, 2022
An issue has been found in the API component of PowerDNS Authoritative 4.x up to and including 4... High Unreviewed
CVE-2017-15091 was published May 13, 2022
A vulnerability in the Advanced Malware Protection (AMP) file filtering feature of Cisco AsyncOS... Moderate Unreviewed
CVE-2017-12303 was published May 13, 2022
udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP... Critical Unreviewed
CVE-2016-10229 was published May 17, 2022
Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the... High Unreviewed
CVE-2017-7177 was published May 14, 2022
In Flexense VX Search Enterprise v10.1.12, the Control Protocol suffers from a denial of service... High Unreviewed
CVE-2017-15662 was published May 14, 2022
In Flexense Disk Pulse Enterprise v10.1.18, the Control Protocol suffers from a denial of service... High Unreviewed
CVE-2017-15663 was published May 14, 2022
In Flexense DiskBoss Enterprise 8.5.12, the Control Protocol suffers from a denial of service... High Unreviewed
CVE-2017-15665 was published May 14, 2022
In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol suffers from a denial of... High Unreviewed
CVE-2017-15664 was published May 14, 2022
Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have a Factory... Moderate Unreviewed
CVE-2017-8152 was published May 17, 2022
It was discovered that OpenShift Container Platform's (OCP) distribution of Kibana could open in... Moderate Unreviewed
CVE-2020-10743 was published May 24, 2022
A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager... High Unreviewed
CVE-2019-14823 was published May 24, 2022
It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to... Moderate Unreviewed
CVE-2016-8635 was published May 13, 2022
A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS... Moderate Unreviewed
CVE-2021-42017 was published Mar 9, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database