Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
52
Go
3,975
Maven
5,000+
npm
5,000+
NuGet
973
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,387
Swift
56
Unreviewed advisories
All unreviewed
5,000+

119 advisories

Loading
A vulnerability in the VXLAN Operation, Administration, and Maintenance (OAM) feature of Cisco NX... High Unreviewed
CVE-2021-1587 was published May 24, 2022
Firefox incorrectly treated an inline list-item element as a block element, resulting in an out... High Unreviewed
CVE-2021-29988 was published May 24, 2022
Microsoft SharePoint Server Remote Code Execution Vulnerability High Unreviewed
CVE-2021-28474 was published May 24, 2022
An improper interpretation conflict of certain data between certain software components within... High Unreviewed
CVE-2021-0207 was published May 24, 2022
A vulnerability in the FTP inspection engine of Cisco Adaptive Security Appliance (ASA) Software... Moderate Unreviewed
CVE-2020-3564 was published May 24, 2022
A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE... High Unreviewed
CVE-2020-3200 was published May 24, 2022
For ABB eSOMS versions 4.0 to 6.0.3, the X-Content-Type-Options Header is missing in the HTTP... Moderate Unreviewed
CVE-2019-19089 was published May 24, 2022
The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted... Moderate Unreviewed
CVE-2020-9362 was published May 24, 2022
The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP... Moderate Unreviewed
CVE-2020-9363 was published May 24, 2022
An issue was discovered in Suricata 5.0.0. It is possible to bypass/evade any tcp based signature... Moderate Unreviewed
CVE-2019-18792 was published May 24, 2022
The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF... High Unreviewed
CVE-2019-19589 was published May 24, 2022
Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic... Moderate Unreviewed
CVE-2019-17596 was published May 24, 2022
In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3,... High Unreviewed
CVE-2018-6560 was published May 13, 2022
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of... High Unreviewed
CVE-2018-19966 was published May 13, 2022
bgpd in FRRouting FRR (aka Free Range Routing) 2.x and 3.x before 3.0.4, 4.x before 4.0.1, 5.x... Moderate Unreviewed
CVE-2019-5892 was published May 13, 2022
A null byte interaction error has been discovered in the code that the telnetd_startup daemon... High Unreviewed
CVE-2022-25219 was published Mar 11, 2022
PAN-OS software provides options to exclude specific websites from URL category enforcement and... Moderate Unreviewed
CVE-2022-0011 was published Feb 11, 2022
Ethereum Contains Consensus Flaw During Block Processing Moderate
CVE-2021-39137 was published for github.com/ethereum/go-ethereum (Go) Aug 30, 2021
guidovranken Credited to guidovranken
Misinterpretation of malicious XML input Moderate
CVE-2021-21366 was published for xmldom (npm) Mar 12, 2021
jupenur Credited to jupenur, karfau, and brody2consult karfau karfau
brody2consult brody2consult
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database