GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,300
Erlang: 31
GitHub Actions: 21
Go: 2,069
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,429
Pub: 12
RubyGems: 892
Rust: 880
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
10,772 advisories
MadsKristensen.AspNetCore.Miniblog subject to Improper Input Validation
Critical: CVE-2019-9845 was published for MadsKristensen.AspNetCore.Miniblog (NuGet), Jul 5, 2019

Permissive parameters and privilege escalation
Moderate: CVE-2018-20301 was published for coherence (Erlang), Feb 10, 2022

Insufficient type validation in pocketmine/pocketmine-mp
High: GHSA-g5rr-p69h-7v3g was published for pocketmine/pocketmine-mp (Composer), Apr 22, 2022

personnummer/dart vulnerable to Improper Input Validation
Low: CVE-2023-22963 was published for personnummer (Pub), Sep 19, 2022

Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory...
Low, Unreviewed: CVE-2023-20528 was published Jan 11, 2023

Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to...
Moderate, Unreviewed: CVE-2023-20525 was published Jan 11, 2023

Shopware has Improper Input Validation issue in newsletter subscription
Moderate: CVE-2023-22734 was published for shopware/core (Composer), Jan 20, 2023

Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server...
High, Unreviewed: CVE-2022-28129 was published Aug 11, 2022

Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an...
High, Unreviewed: CVE-2021-37150 was published Aug 11, 2022

gatsby-transformer-remark has possible unsanitized JavaScript code injection
High: CVE-2023-22491 was published for gatsby-transformer-remark (npm), Jan 11, 2023

Publify Improper Input Validation vulnerability
Critical: CVE-2023-0299 was published for publify_core (RubyGems), Jan 14, 2023

Improper Input Validation in pyload-ng
Moderate: CVE-2023-0434 was published for pyload-ng (pip), Jan 22, 2023

Sanitize vulnerable to Improper Input Validation and Cross-site Scripting
High: CVE-2018-3740 was published for sanitize (RubyGems), Mar 21, 2018

The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain...
High, Unreviewed: CVE-2016-9919 was published May 17, 2022

papercrop does not properly handle crop input
Critical: CVE-2015-2784 was published for papercrop (RubyGems), May 24, 2022

Shopware vulnerable to Improper Input Validation of Clearance sale in cart
Moderate: CVE-2023-22730 was published for shopware/core (Composer), Jan 17, 2023

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) has Remote Code...
Critical, Unreviewed: CVE-2021-42786 was published Mar 11, 2022

Improper Input Validation in url-js
Moderate: CVE-2022-25839 was published for url-js (npm), Mar 12, 2022

SAS Logon Manager v9.4 was discovered to contain a vulnerability in the web UI which would allow...
Moderate, Unreviewed: CVE-2021-42186 was published Mar 11, 2022

CuppaCMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the...
Critical, Unreviewed: CVE-2022-25498 was published Mar 16, 2022

In setDisplayPadding of WallpaperManagerService.java, there is a possible way to cause a...
Moderate, Unreviewed: CVE-2021-39690 was published Mar 17, 2022

In serviceConnection of ControlsProviderLifecycleManager.kt, there is a possible way to keep...
High, Unreviewed: CVE-2021-39701 was published Mar 17, 2022

kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not properly verify that the...
Moderate, Unreviewed: CVE-2011-1094 was published May 17, 2022

Multiple CRLF injection vulnerabilities in Adobe ColdFusion 8.0 through 9.0.1 allow remote...
Moderate, Unreviewed: CVE-2011-0581 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API.