GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
71 advisories
Filter by severity
In search engine service, there is a possible way to change the default search engine due to an...
Moderate
Unreviewed
CVE-2022-20072
was published
Apr 12, 2022
chatwoot is vulnerable to Inefficient Regular Expression Complexity
High
Unreviewed
CVE-2021-3649
was published
May 24, 2022
Cross-origin resource sharing (CORS) enables browsers to perform cross domain requests in a...
Critical
Unreviewed
CVE-2021-27786
was published
Jun 10, 2022
An Incorrect Comparison vulnerability in PFE of Juniper Networks Junos OS allows an adjacent...
Moderate
Unreviewed
CVE-2022-22203
was published
Jul 21, 2022
SWFTools commit 772e55a2 was discovered to contain a floating point exception (FPE) via DCTStream...
Moderate
Unreviewed
CVE-2022-35091
was published
Sep 25, 2022
A vulnerability was found in mrobit robitailletheknot. It has been classified as problematic....
Critical
Unreviewed
CVE-2014-125057
was published
Jan 7, 2023
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
High
Unreviewed
CVE-2020-8864
was published
May 24, 2022
An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores...
Moderate
Unreviewed
CVE-2019-20634
was published
May 24, 2022
A denial-of-service vulnerability exists in the traffic-logging functionality of FreyrSCADA IEC...
High
Unreviewed
CVE-2020-13559
was published
May 24, 2022
oscommerce v2.3.4.1 has a functional problem in user registration and password rechecking, where...
Critical
Unreviewed
CVE-2020-23360
was published
May 24, 2022
phpList 3.5.3 allows type juggling for login bypass because == is used instead of === for...
Critical
Unreviewed
CVE-2020-23361
was published
May 24, 2022
WeBid 1.2.2 admin/newuser.php has an issue with password rechecking during registration because...
Critical
Unreviewed
CVE-2020-23359
was published
May 24, 2022
A denial of service vulnerability was found in n_tty_receive_char_special in drivers/tty/n_tty.c...
Moderate
Unreviewed
CVE-2021-20219
was published
May 24, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
High
Unreviewed
CVE-2021-34865
was published
Jan 26, 2022
The Sieve engine in Dovecot before 2.3.15 allows Uncontrolled Resource Consumption, as...
Moderate
Unreviewed
CVE-2020-28200
was published
May 24, 2022
A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) of Juniper Networks...
Moderate
Unreviewed
CVE-2021-0295
was published
May 24, 2022
In JetBrains YouTrack before 2021.2.16363, time-unsafe comparisons were used.
High
Unreviewed
CVE-2021-37550
was published
May 24, 2022
An issue was discovered in libjpeg through 2020021. An uncaught floating point exception in the...
Moderate
Unreviewed
CVE-2021-39514
was published
May 24, 2022
jpeg-quantsmooth before commit 8879454 contained a floating point exception (FPE) via /jpeg...
Moderate
Unreviewed
CVE-2022-35434
was published
Aug 17, 2022
fdkaac commit 53fe239 was discovered to contain a floating point exception (FPE) via wav_open at ...
Moderate
Unreviewed
CVE-2022-36148
was published
Aug 17, 2022
XPDF commit ffaf11c was discovered to contain a floating point exception (FPE) via DCTStream:...
Moderate
Unreviewed
CVE-2022-38230
was published
Aug 17, 2022
JPEGDEC commit be4843c was discovered to contain a FPE via DecodeJPEG at /src/jpeg.inl.
Moderate
Unreviewed
CVE-2022-34999
was published
Aug 17, 2022
Incorrect Comparison, Permissive List of Allowed Inputs, and Privilege Context Switching Error in PostgreSQL
Critical
Unreviewed
CVE-2020-25696
was published
Feb 15, 2022
An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an...
High
Unreviewed
CVE-2021-23146
was published
Nov 19, 2021
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 14...
Moderate
Unreviewed
CVE-2021-39917
was published
Dec 14, 2021
ProTip!
Advisories are also available from the
GraphQL API