GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
115 advisories
Filter by severity
A type juggling vulnerability in the component /auth/fn.php of PlaySMS v1.4.5 and earlier allows...
Critical
Unreviewed
CVE-2022-47034
was published
Feb 14, 2023
Dell SupportAssist for Home PCs (version 3.11.2 and prior) contain Overly Permissive Cross-domain...
Moderate
Unreviewed
CVE-2022-34366
was published
Feb 10, 2023
The Remote Mount feature can potentially be abused by valid, authenticated users to make...
Moderate
Unreviewed
CVE-2022-34888
was published
Jan 31, 2023
A vulnerability was found in mrobit robitailletheknot. It has been classified as problematic....
Critical
Unreviewed
CVE-2014-125057
was published
Jan 7, 2023
Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804.
Moderate
Unreviewed
CVE-2022-4293
was published
Dec 5, 2022
Dell Wyse ThinOS 2205 contains a Regular Expression Denial of Service Vulnerability in UI. An...
Moderate
Unreviewed
CVE-2022-34402
was published
Oct 11, 2022
SWFTools commit 772e55a2 was discovered to contain a floating point exception (FPE) via DCTStream...
Moderate
Unreviewed
CVE-2022-35091
was published
Sep 25, 2022
uri-template-lite Regular Expression Denial of Service
Moderate
CVE-2021-43309
was published
for
uri-template-lite
(npm)
Aug 25, 2022
Regular expression denial of service in eth-account
Moderate
CVE-2022-1930
was published
for
eth-account
(pip)
Aug 23, 2022
XPDF commit ffaf11c was discovered to contain a floating point exception (FPE) via DCTStream:...
Moderate
Unreviewed
CVE-2022-38230
was published
Aug 17, 2022
fdkaac commit 53fe239 was discovered to contain a floating point exception (FPE) via wav_open at ...
Moderate
Unreviewed
CVE-2022-36148
was published
Aug 17, 2022
jpeg-quantsmooth before commit 8879454 contained a floating point exception (FPE) via /jpeg...
Moderate
Unreviewed
CVE-2022-35434
was published
Aug 17, 2022
JPEGDEC commit be4843c was discovered to contain a FPE via DecodeJPEG at /src/jpeg.inl.
Moderate
Unreviewed
CVE-2022-34999
was published
Aug 17, 2022
JetBrains Ktor before 2.1.0 was vulnerable to a Reflect File Download attack
Moderate
CVE-2022-38179
was published
for
io.ktor:ktor
(Maven)
Aug 13, 2022
An Incorrect Comparison vulnerability in PFE of Juniper Networks Junos OS allows an adjacent...
Moderate
Unreviewed
CVE-2022-22203
was published
Jul 21, 2022
Cross-origin resource sharing (CORS) enables browsers to perform cross domain requests in a...
Critical
Unreviewed
CVE-2021-27786
was published
Jun 10, 2022
In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwrite in aiff.c in libsox.a.
Moderate
Unreviewed
CVE-2022-31650
was published
May 26, 2022
Integria IMS login check uses a loose comparator ("==") to compare the MD5 hash of the password...
Critical
Unreviewed
CVE-2021-3833
was published
May 24, 2022
An issue was discovered in libjpeg through 2020021. An uncaught floating point exception in the...
Moderate
Unreviewed
CVE-2021-39514
was published
May 24, 2022
In JetBrains YouTrack before 2021.2.16363, time-unsafe comparisons were used.
High
Unreviewed
CVE-2021-37550
was published
May 24, 2022
chatwoot is vulnerable to Inefficient Regular Expression Complexity
High
Unreviewed
CVE-2021-3649
was published
May 24, 2022
A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) of Juniper Networks...
Moderate
Unreviewed
CVE-2021-0295
was published
May 24, 2022
The Sieve engine in Dovecot before 2.3.15 allows Uncontrolled Resource Consumption, as...
Moderate
Unreviewed
CVE-2020-28200
was published
May 24, 2022
A denial of service vulnerability was found in n_tty_receive_char_special in drivers/tty/n_tty.c...
Moderate
Unreviewed
CVE-2021-20219
was published
May 24, 2022
Codiad Vulnerable to PHP Magic Hash Vulnerability
High
CVE-2020-23355
was published
for
codiad/codiad
(Composer)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API