GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
755 advisories
A vulnerability in the detection engine of Cisco Firepower System Software could allow an...
High | Unreviewed | CVE-2018-15443 was published May 13, 2022

Yokogawa STARDOM Controllers FCJ,FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The...
High | Unreviewed | CVE-2018-17898 was published May 13, 2022

IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly accumulate TCP/IP sockets...
High | Unreviewed | CVE-2018-1786 was published May 13, 2022

Denial of Service through Resource Depletion vulnerability in the agent in non-Windows McAfee...
High | Unreviewed | CVE-2018-6707 was published May 13, 2022

Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software does not properly...
High | Unreviewed | CVE-2018-8854 was published May 13, 2022

Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU:...
High | Unreviewed | CVE-2019-6535 was published May 13, 2022

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service,...
High | Unreviewed | CVE-2019-4046 was published May 13, 2022

ColossusCoinXT through 1.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial...
High | Unreviewed | CVE-2018-19158 was published May 13, 2022

A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to...
High | Unreviewed | CVE-2017-3144 was published May 13, 2022

Bitcoin Core before v0.13.0 allows denial of service (memory exhaustion) triggered by the remote...
High | Unreviewed | CVE-2016-10724 was published May 13, 2022

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial...
High | Unreviewed | CVE-2018-12122 was published May 13, 2022

Node.js versions 9.7.0 and later and 10.x are vulnerable and the severity is MEDIUM. A bug...
High | Unreviewed | CVE-2018-7164 was published May 13, 2022

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with...
High | Unreviewed | CVE-2018-12121 was published May 13, 2022

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS before 15.0(1...
High | Unreviewed | CVE-2010-4671 was published May 13, 2022

CallManager Express (CME) on Cisco IOS before 15.0(1)XA1 does not properly handle SIP TRUNK...
High | Unreviewed | CVE-2010-4686 was published May 13, 2022

Google Chrome before 9.0.597.94 does not properly perform process termination upon memory...
High | Unreviewed | CVE-2011-0985 was published May 13, 2022

An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif...
High | Unreviewed | CVE-2018-20030 was published May 13, 2022

Knot DNS before 2.3.0 allows remote DNS servers to cause a denial of service (memory exhaustion...
High | Unreviewed | CVE-2016-6171 was published May 13, 2022

NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting...
High | Unreviewed | CVE-2016-7426 was published May 13, 2022

A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS (12.0...
High | Unreviewed | CVE-2017-3857 was published May 13, 2022

Internet Initiative Japan Inc. SEIL Series routers SEIL/X1 2.50 through 4.62, SEIL/X2 2.50...
High | Unreviewed | CVE-2014-7255 was published May 13, 2022

The TCP stack in the Linux kernel 3.x does not properly implement a SYN cookie protection...
High | Unreviewed | CVE-2017-5972 was published May 13, 2022

The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly...
High | Unreviewed | CVE-2010-4251 was published May 13, 2022

The socket implementation in net/core/sock.c in the Linux kernel before 2.6.35 does not properly...
High | Unreviewed | CVE-2010-4805 was published May 13, 2022

The ethernet-lldp component in Cisco IOS 12.2 before 12.2(33)SXJ1 does not properly support a...
High | Unreviewed | CVE-2011-1640 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.