Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,132
Erlang
29
GitHub Actions
19
Go
1,937
Maven
5,000+
npm
3,676
NuGet
642
pip
3,292
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

10,639 advisories

Loading
Cisco IronPort Web Security Appliance AsyncOS software prior to 7.5 has a SSL Certificate Caching... Moderate Unreviewed
CVE-2012-0334 was published Apr 23, 2022
gnome-keyring does not discard stored secrets when using gnome_keyring_lock_all_sync function High Unreviewed
CVE-2012-6111 was published Apr 23, 2022
ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which... High Unreviewed
CVE-2012-3409 was published Apr 23, 2022
LibreOffice and OpenOffice automatically open embedded content Moderate Unreviewed
CVE-2012-5639 was published Apr 23, 2022
FreeBSD: Input Validation Flaw allows local users to gain elevated privileges High Unreviewed
CVE-2012-4576 was published Apr 23, 2022
An issue was discovered in dhclient 4.3.1-6 due to an embedded path variable. High Unreviewed
CVE-2012-2248 was published Apr 23, 2022
opendnssec misuses libcurl API Critical Unreviewed
CVE-2012-5582 was published Apr 23, 2022
cumin: At installation postgresql database user created without password Critical Unreviewed
CVE-2012-3460 was published Apr 23, 2022
mono 2.10.x ASP.NET Web Form Hash collision DoS High Unreviewed
CVE-2012-3543 was published Apr 23, 2022
xlockmore before 5.43 'dclock' security bypass vulnerability High Unreviewed
CVE-2012-4524 was published Apr 23, 2022
pam_shield before 0.9.4: Default configuration does not perform protective action High Unreviewed
CVE-2012-2350 was published Apr 23, 2022
RubyGems passenger gem allows remote attackers to delete files High
CVE-2012-6135 was published for passenger (RubyGems) Apr 23, 2022
jasnow
Falconpl before 0.9.6.9-git20120606 misuses the libcurl API which may allow remote attackers to... High Unreviewed
CVE-2012-6070 was published Apr 23, 2022
Chicken before 4.8.0 does not properly handle NUL bytes in certain strings, which allows an... Moderate Unreviewed
CVE-2012-6123 was published Apr 23, 2022
Chicken before 4.8.0 is susceptible to algorithmic complexity attacks related to hash table... Critical Unreviewed
CVE-2012-6125 was published Apr 23, 2022
SugarCRM CE <= 6.3.1 contains scripts that use "unserialize()" with user controlled input which... Critical Unreviewed
CVE-2012-0694 was published Apr 23, 2022
gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables... Critical Unreviewed
CVE-2011-2897 was published Apr 23, 2022
A potential vulnerability in LenovoVariable SMI Handler due to insufficient validation in some... High Unreviewed
CVE-2021-3970 was published Apr 23, 2022
A potential vulnerability in the SMI callback function used in the Legacy BIOS mode driver in... High Unreviewed
CVE-2021-4212 was published Apr 23, 2022
A potential vulnerability in the SMI callback function used in the SMBIOS event log driver in... High Unreviewed
CVE-2021-4211 was published Apr 23, 2022
A potential vulnerability due to improper buffer validation in the SMI handler... High Unreviewed
CVE-2022-1108 was published Apr 23, 2022
A potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler in some... High Unreviewed
CVE-2022-1107 was published Apr 23, 2022
Insufficient type validation in pocketmine/pocketmine-mp High
GHSA-g5rr-p69h-7v3g was published for pocketmine/pocketmine-mp (Composer) Apr 22, 2022
kurt-r2c
Improper Input Validation in GeoServer High
CVE-2022-24847 was published for org.geoserver:gs-main (Maven) Apr 22, 2022
kurt-r2c
Missing input validation can lead to command execution in composer High
CVE-2022-24828 was published for composer/composer (Composer) Apr 22, 2022
thomas-chauchefoin-sonarsource
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database