GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,683
Erlang: 29
GitHub Actions: 16
Go: 1,708
Maven: 4,944
npm: 3,473
NuGet: 603
pip: 2,995
Pub: 10
RubyGems: 826
Rust: 773
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+

157 advisories

MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the...
High | Unreviewed | CVE-2022-27387 was published Apr 13, 2022

MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component...
High | Unreviewed | CVE-2022-27386 was published Apr 13, 2022

MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component...
High | Unreviewed | CVE-2022-27382 was published Apr 13, 2022

An issue in the component Create_tmp_table::finalize of MariaDB Server v10.7 and below was...
High | Unreviewed | CVE-2022-27378 was published Apr 13, 2022

Improper handling of case sensitivity in Spring Framework
High | CVE-2022-22968 was published for org.springframework:spring-context (Maven) Apr 15, 2022

A maliciously crafted TIF or PICT file in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to...
High | Unreviewed | CVE-2022-27530 was published Apr 19, 2022

A maliciously crafted PICT, BMP, PSD or TIF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 may...
High | Unreviewed | CVE-2022-27529 was published Apr 19, 2022

A malicious crafted TGA file when consumed through DesignReview.exe application could lead to...
High | Unreviewed | CVE-2022-27526 was published Apr 19, 2022

A malicious crafted .dwf file when consumed through DesignReview.exe application could lead to...
High | Unreviewed | CVE-2022-27525 was published Apr 19, 2022

A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an...
Moderate | Unreviewed | CVE-2022-22276 was published Apr 28, 2022

A vulnerability in SonicOS SNMP service resulting exposure of Wireless Access Point sensitive...
Moderate | Unreviewed | CVE-2022-22277 was published Apr 28, 2022

Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ...
High | Unreviewed | CVE-2022-22275 was published Apr 28, 2022

A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP...
High | Unreviewed | CVE-2022-22278 was published Apr 28, 2022

The c_rehash script does not properly sanitise shell metacharacters to prevent command injection....
Critical | Unreviewed | CVE-2022-1292 was published May 4, 2022

Local Information Disclosure Vulnerability in io.netty:netty-codec-http
Moderate | CVE-2022-24823 was published for io.netty:netty-codec-http (Maven) May 10, 2022

Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality....
High | Unreviewed | CVE-2022-29855 was published May 12, 2022

Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R)...
High | Unreviewed | CVE-2022-0004 was published May 13, 2022

Apache Tika vulnerable to uncontrolled memory consumption
Moderate | CVE-2022-25169 was published for org.apache.tika:tika (Maven) May 17, 2022

Regular expression denial of service in apache tika
Moderate | CVE-2022-30126 was published for org.apache.tika:tika (Maven) May 17, 2022

Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to...
High | Unreviewed | CVE-2022-1116 was published May 18, 2022

The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not...
Critical | Unreviewed | CVE-2022-28660 was published May 21, 2022

golang.org/x/net/http vulnerable to ping floods
High | CVE-2019-9512 was published for golang.org/x/net (Go) May 24, 2022

golang.org/x/net/http vulnerable to a reset flood
High | CVE-2019-9514 was published for golang.org/x/net (Go) May 24, 2022

HTCondor up to and including stable series 8.8.6 and development series 8.9.4 has Incorrect...
Critical | Unreviewed | CVE-2019-18823 was published May 24, 2022

Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.
Critical | Unreviewed | CVE-2020-28366 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.