GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,132
Erlang: 29
GitHub Actions: 19
Go: 1,937
Maven: 5,000+
npm: 3,676
NuGet: 642
pip: 3,292
Pub: 11
RubyGems: 877
Rust: 830
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
10,639 advisories
Cisco IronPort Web Security Appliance AsyncOS software prior to 7.5 has a SSL Certificate Caching...
Moderate | Unreviewed | CVE-2012-0334 was published Apr 23, 2022

gnome-keyring does not discard stored secrets when using gnome_keyring_lock_all_sync function
High | Unreviewed | CVE-2012-6111 was published Apr 23, 2022

ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which...
High | Unreviewed | CVE-2012-3409 was published Apr 23, 2022

LibreOffice and OpenOffice automatically open embedded content
Moderate | Unreviewed | CVE-2012-5639 was published Apr 23, 2022

FreeBSD: Input Validation Flaw allows local users to gain elevated privileges
High | Unreviewed | CVE-2012-4576 was published Apr 23, 2022

An issue was discovered in dhclient 4.3.1-6 due to an embedded path variable.
High | Unreviewed | CVE-2012-2248 was published Apr 23, 2022

cumin: At installation postgresql database user created without password
Critical | Unreviewed | CVE-2012-3460 was published Apr 23, 2022

mono 2.10.x ASP.NET Web Form Hash collision DoS
High | Unreviewed | CVE-2012-3543 was published Apr 23, 2022

xlockmore before 5.43 'dclock' security bypass vulnerability
High | Unreviewed | CVE-2012-4524 was published Apr 23, 2022

pam_shield before 0.9.4: Default configuration does not perform protective action
High | Unreviewed | CVE-2012-2350 was published Apr 23, 2022

RubyGems passenger gem allows remote attackers to delete files
High | CVE-2012-6135 was published for passenger (RubyGems) Apr 23, 2022

Falconpl before 0.9.6.9-git20120606 misuses the libcurl API which may allow remote attackers to...
High | Unreviewed | CVE-2012-6070 was published Apr 23, 2022

Chicken before 4.8.0 does not properly handle NUL bytes in certain strings, which allows an...
Moderate | Unreviewed | CVE-2012-6123 was published Apr 23, 2022

Chicken before 4.8.0 is susceptible to algorithmic complexity attacks related to hash table...
Critical | Unreviewed | CVE-2012-6125 was published Apr 23, 2022

SugarCRM CE <= 6.3.1 contains scripts that use "unserialize()" with user controlled input which...
Critical | Unreviewed | CVE-2012-0694 was published Apr 23, 2022

gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables...
Critical | Unreviewed | CVE-2011-2897 was published Apr 23, 2022

A potential vulnerability in LenovoVariable SMI Handler due to insufficient validation in some...
High | Unreviewed | CVE-2021-3970 was published Apr 23, 2022

A potential vulnerability in the SMI callback function used in the Legacy BIOS mode driver in...
High | Unreviewed | CVE-2021-4212 was published Apr 23, 2022

A potential vulnerability in the SMI callback function used in the SMBIOS event log driver in...
High | Unreviewed | CVE-2021-4211 was published Apr 23, 2022

A potential vulnerability due to improper buffer validation in the SMI handler...
High | Unreviewed | CVE-2022-1108 was published Apr 23, 2022

A potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler in some...
High | Unreviewed | CVE-2022-1107 was published Apr 23, 2022

Insufficient type validation in pocketmine/pocketmine-mp
High | GHSA-g5rr-p69h-7v3g was published for pocketmine/pocketmine-mp (Composer) Apr 22, 2022

Improper Input Validation in GeoServer
High | CVE-2022-24847 was published for org.geoserver:gs-main (Maven) Apr 22, 2022

Missing input validation can lead to command execution in composer
High | CVE-2022-24828 was published for composer/composer (Composer) Apr 22, 2022
ProTip! Advisories are also available from the GraphQL API