GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
113 advisories
Filter by severity
Google Chrome before 16.0.912.63 does not properly perform regex matching, which allows remote...
Moderate
Unreviewed
CVE-2011-3903
was published
May 13, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 14...
Moderate
Unreviewed
CVE-2021-39917
was published
Dec 14, 2021
An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an...
High
Unreviewed
CVE-2021-23146
was published
Nov 19, 2021
Incorrect Regular Expression in RestSharp
High
CVE-2021-27293
was published
for
RestSharp
(NuGet)
Jul 14, 2021
Incorrect Comparison, Permissive List of Allowed Inputs, and Privilege Context Switching Error in PostgreSQL
Critical
Unreviewed
CVE-2020-25696
was published
Feb 15, 2022
JPEGDEC commit be4843c was discovered to contain a FPE via DecodeJPEG at /src/jpeg.inl.
Moderate
Unreviewed
CVE-2022-34999
was published
Aug 17, 2022
XPDF commit ffaf11c was discovered to contain a floating point exception (FPE) via DCTStream:...
Moderate
Unreviewed
CVE-2022-38230
was published
Aug 17, 2022
fdkaac commit 53fe239 was discovered to contain a floating point exception (FPE) via wav_open at ...
Moderate
Unreviewed
CVE-2022-36148
was published
Aug 17, 2022
jpeg-quantsmooth before commit 8879454 contained a floating point exception (FPE) via /jpeg...
Moderate
Unreviewed
CVE-2022-35434
was published
Aug 17, 2022
Inefficient Regular Expression Complexity in vuelidate
High
CVE-2021-3794
was published
for
@vuelidate/validators
(npm)
Sep 20, 2021
An issue was discovered in libjpeg through 2020021. An uncaught floating point exception in the...
Moderate
Unreviewed
CVE-2021-39514
was published
May 24, 2022
In JetBrains YouTrack before 2021.2.16363, time-unsafe comparisons were used.
High
Unreviewed
CVE-2021-37550
was published
May 24, 2022
A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) of Juniper Networks...
Moderate
Unreviewed
CVE-2021-0295
was published
May 24, 2022
The Sieve engine in Dovecot before 2.3.15 allows Uncontrolled Resource Consumption, as...
Moderate
Unreviewed
CVE-2020-28200
was published
May 24, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
High
Unreviewed
CVE-2021-34865
was published
Jan 26, 2022
A denial of service vulnerability was found in n_tty_receive_char_special in drivers/tty/n_tty.c...
Moderate
Unreviewed
CVE-2021-20219
was published
May 24, 2022
WeBid 1.2.2 admin/newuser.php has an issue with password rechecking during registration because...
Critical
Unreviewed
CVE-2020-23359
was published
May 24, 2022
phpList 3.5.3 allows type juggling for login bypass because == is used instead of === for...
Critical
Unreviewed
CVE-2020-23361
was published
May 24, 2022
oscommerce v2.3.4.1 has a functional problem in user registration and password rechecking, where...
Critical
Unreviewed
CVE-2020-23360
was published
May 24, 2022
A denial-of-service vulnerability exists in the traffic-logging functionality of FreyrSCADA IEC...
High
Unreviewed
CVE-2020-13559
was published
May 24, 2022
An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores...
Moderate
Unreviewed
CVE-2019-20634
was published
May 24, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
High
Unreviewed
CVE-2020-8864
was published
May 24, 2022
A vulnerability was found in mrobit robitailletheknot. It has been classified as problematic....
Critical
Unreviewed
CVE-2014-125057
was published
Jan 7, 2023
JetBrains Ktor before 2.1.0 was vulnerable to a Reflect File Download attack
Moderate
CVE-2022-38179
was published
for
io.ktor:ktor
(Maven)
Aug 13, 2022
Regular expression denial of service in eth-account
Moderate
CVE-2022-1930
was published
for
eth-account
(pip)
Aug 23, 2022
ProTip!
Advisories are also available from the
GraphQL API