Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,988
Erlang
29
GitHub Actions
16
Go
1,778
Maven
5,000+
npm
3,544
NuGet
619
pip
3,128
Pub
10
RubyGems
838
Rust
791
Swift
34
Unreviewed advisories
All unreviewed
5,000+

38 advisories

Loading
Proofpoint Enterprise Protection (PPS/PoD) before 8.17.0 contains a vulnerability that could... Moderate Unreviewed
CVE-2020-14009 was published May 24, 2022
There is an insufficient integrity check vulnerability in Huawei Sound X Product. The system does... Moderate Unreviewed
CVE-2020-9118 was published May 24, 2022
Moodle Grade information disclosure in grade's external fetch functions Moderate
CVE-2021-20184 was published for moodle/moodle (Composer) May 24, 2022
Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions... Moderate Unreviewed
CVE-2020-5637 was published May 24, 2022
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the service host... Moderate Unreviewed
CVE-2020-5964 was published May 24, 2022
An issue was discovered in Zoho ManageEngine AssetExplorer 6.5. During an upgrade of the Windows... Moderate Unreviewed
CVE-2020-8838 was published May 24, 2022
A security feature bypass exists when Windows incorrectly validates CAB file signatures, aka ... Moderate Unreviewed
CVE-2019-1163 was published May 24, 2022
The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) and Xfinity... Moderate Unreviewed
CVE-2017-9498 was published May 13, 2022
Improper Validation of Integrity Check Value in Bouncy Castle Moderate
CVE-2018-5382 was published for org.bouncycastle:bcprov-jdk15on (Maven) May 13, 2022
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF,... Moderate Unreviewed
CVE-2022-25946 was published May 6, 2022
A vulnerability was found in the Linux kernel's block_invalidatepage in fs/buffer.c in the... Moderate Unreviewed
CVE-2021-4148 was published Mar 24, 2022
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP... Moderate Unreviewed
CVE-2021-3772 was published Mar 4, 2022
tlslite-ng off-by-one error on mac checking Moderate
CVE-2018-1000159 was published for tlslite-ng (pip) Jul 12, 2018
ProTip! Advisories are also available from the GraphQL API