Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,050
Erlang
29
GitHub Actions
19
Go
1,876
Maven
5,000+
npm
3,602
NuGet
638
pip
3,199
Pub
10
RubyGems
852
Rust
813
Swift
35
Unreviewed advisories
All unreviewed
5,000+

350 advisories

Panic due to malformed WALs in go.etcd.io/etcd Low
CVE-2020-15106 was published for go.etcd.io/etcd (Go) Feb 7, 2023
Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory... Low Unreviewed
CVE-2023-20528 was published Jan 11, 2023
In multiple locations, there is a possible display crash loop due to improper input validation.... Low Unreviewed
CVE-2022-20543 was published Dec 19, 2022
An input validation vulnerability exists in Openshift Enterprise due to a 1:1 mapping of tenants... Low Unreviewed
CVE-2017-7517 was published Oct 17, 2022
When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using... Low Unreviewed
CVE-2022-35252 was published Sep 25, 2022
personnummer/dart vulnerable to Improper Input Validation Low
CVE-2023-22963 was published for personnummer (Pub) Sep 19, 2022
In Core Utilities, there is a possible way to craft a malformed Uri object due to improper input... Low Unreviewed
CVE-2022-20338 was published Aug 13, 2022
In Messaging, there is a possible way to attach a private file to an SMS message due to improper... Low Unreviewed
CVE-2022-20241 was published Aug 12, 2022
In JetBrains IntelliJ IDEA before 2022.2 email address validation in the "Git User Name Is Not... Low Unreviewed
CVE-2022-37010 was published Jul 29, 2022
Jetty invalid URI parsing may produce invalid HttpURI.authority Low
CVE-2022-2047 was published for org.eclipse.jetty:jetty-http (Maven) Jul 7, 2022
rafax00
For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and... Low Unreviewed
CVE-2020-8475 was published May 24, 2022
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may... Low Unreviewed
CVE-2021-22453 was published May 24, 2022
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may... Low Unreviewed
CVE-2021-22457 was published May 24, 2022
An improper input validation vulnerability in DSP driver prior to SMR Sep-2021 Release 1 allows... Low Unreviewed
CVE-2021-25457 was published May 24, 2022
Adobe After Effects version 18.2.1 (and earlier) is affected by an Improper input validation... Low Unreviewed
CVE-2021-35995 was published May 24, 2022
Adobe Bridge version 11.0.2 (and earlier) is affected by an uninitialized variable vulnerability... Low Unreviewed
CVE-2021-35991 was published May 24, 2022
Adobe Photoshop versions 21.2.9 (and earlier) and 22.4.2 (and earlier) are affected by an... Low Unreviewed
CVE-2021-36006 was published May 24, 2022
Improper input validation vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote... Low Unreviewed
CVE-2021-20761 was published May 24, 2022
A vulnerability was found in the Linux kernel in versions before v5.14-rc1. Missing size... Low Unreviewed
CVE-2021-3655 was published May 24, 2022
Some ZTE products have an input verification vulnerability in the diagnostic function interface.... Low Unreviewed
CVE-2021-21726 was published May 24, 2022
In queryInternal of CallLogProvider.java, there is a possible permission bypass due to improper... Low Unreviewed
CVE-2020-0368 was published May 24, 2022
Some ZTE devices have input verification vulnerabilities. The devices support configuring a... Low Unreviewed
CVE-2020-6879 was published May 24, 2022
When typing in a password under certain conditions, a race may have occured where the... Low Unreviewed
CVE-2020-15671 was published May 24, 2022
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to... Low Unreviewed
CVE-2020-0904 was published May 24, 2022
HUAWEI Mate 20 smart phones with Versions earlier than 10.1.0.163(C00E160R3P8) have a denial of... Low Unreviewed
CVE-2020-9083 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API