Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

422 advisories

Loading
An issue was discovered in the Currency Switcher addon before 2.11.2 for WooCommerce if a user... Moderate Unreviewed
CVE-2019-18668 was published May 24, 2022
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain... High Unreviewed
CVE-2019-14287 was published May 24, 2022
An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly... High Unreviewed
CVE-2019-1342 was published May 24, 2022
Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a... High Unreviewed
CVE-2019-16866 was published May 24, 2022
In a rare scenario, Check Point R80.30 Security Gateway before JHF Take 50 managed by Check Point... High Unreviewed
CVE-2019-8462 was published May 24, 2022
An exploitable memory corruption vulnerability exists in the JavaScript engine of Foxit Software... High Unreviewed
CVE-2019-5031 was published May 24, 2022
Zcashd in Zcash before 2.0.7-3 allows discovery of the IP address of a full node that owns a... Moderate Unreviewed
CVE-2019-16930 was published May 24, 2022
An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . Crafted network packets cause the... High Unreviewed
CVE-2019-9009 was published May 24, 2022
Java Facebook Thrift servers would not error upon receiving messages with containers of fields of... High Unreviewed
CVE-2019-3559 was published May 24, 2022
burn allows file names to escape via mishandled quotation marks Critical Unreviewed
CVE-2009-5043 was published Apr 21, 2022
** UNSUPPORTED WHEN ASSIGNED ** sys/netinet/tcp_timer.h in FreeBSD before 7.0 contains a denial... High Unreviewed
CVE-2022-32264 was published Sep 7, 2022
** DISPUTED ** Styra Open Policy Agent (OPA) Gatekeeper through 3.7.0 mishandles concurrency,... Moderate Unreviewed
CVE-2021-43979 was published May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in ReadyTalk Avian 1.2.0. The vm:... Moderate Unreviewed
CVE-2020-17361 was published May 24, 2022
When curl is instructed to download content using the metalink feature, thecontents is verified... High Unreviewed
CVE-2021-22922 was published May 24, 2022
Buffer Overflow vulnerability in baramundi software GmbH EMM Agent 23.1.50 and before allows an... Moderate Unreviewed
CVE-2023-37605 was published Oct 2, 2023
An Improper Handling of Exceptional Conditions vulnerability in AS PATH processing of Juniper... High Unreviewed
CVE-2023-44186 was published Oct 11, 2023
JFrog Artifactory later than version 7.17.4 but prior to version 7.77.0 is vulnerable to an issue... Moderate Unreviewed
CVE-2023-42509 was published Mar 7, 2024
Denial of Service in http-swagger High
CVE-2022-24863 was published for github.com/swaggo/http-swagger (Go) Apr 22, 2022
Improper Handling of Exceptional Conditions in Apache Tomcat High
CVE-2017-5664 was published for org.apache.tomcat:tomcat (Maven) May 13, 2022
sunSUNQ
In apusys, there is a possible memory corruption due to incorrect error handling. This could lead... High Unreviewed
CVE-2021-0668 was published Nov 19, 2021
app/Controller/Component/IndexFilterComponent.php in MISP before 2.4.167 mishandles... Critical Unreviewed
CVE-2022-48328 was published Feb 20, 2023
fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle... Moderate Unreviewed
CVE-2008-4302 was published May 2, 2022
lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call... Moderate Unreviewed
CVE-2022-33748 was published Oct 11, 2022
issues with partially successful P2M updates on x86 T[his CNA information record relates to... High Unreviewed
CVE-2021-28709 was published May 24, 2022
issues with partially successful P2M updates on x86 T[his CNA information record relates to... High Unreviewed
CVE-2021-28705 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database