GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,895
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
351 advisories
Filter by severity
Improper input validation in Bixby Vision prior to version 3.7.70.17 allows attacker to access...
Low
Unreviewed
CVE-2023-21431
was published
Feb 9, 2023
Panic due to malformed WALs in go.etcd.io/etcd
Low
CVE-2020-15106
was published
for
go.etcd.io/etcd
(Go)
Feb 7, 2023
Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory...
Low
Unreviewed
CVE-2023-20528
was published
Jan 11, 2023
In multiple locations, there is a possible display crash loop due to improper input validation....
Low
Unreviewed
CVE-2022-20543
was published
Dec 19, 2022
An input validation vulnerability exists in Openshift Enterprise due to a 1:1 mapping of tenants...
Low
Unreviewed
CVE-2017-7517
was published
Oct 17, 2022
When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using...
Low
Unreviewed
CVE-2022-35252
was published
Sep 25, 2022
personnummer/dart vulnerable to Improper Input Validation
Low
CVE-2023-22963
was published
for
personnummer
(Pub)
Sep 19, 2022
In Core Utilities, there is a possible way to craft a malformed Uri object due to improper input...
Low
Unreviewed
CVE-2022-20338
was published
Aug 13, 2022
In Messaging, there is a possible way to attach a private file to an SMS message due to improper...
Low
Unreviewed
CVE-2022-20241
was published
Aug 12, 2022
In JetBrains IntelliJ IDEA before 2022.2 email address validation in the "Git User Name Is Not...
Low
Unreviewed
CVE-2022-37010
was published
Jul 29, 2022
Jetty invalid URI parsing may produce invalid HttpURI.authority
Low
CVE-2022-2047
was published
for
org.eclipse.jetty:jetty-http
(Maven)
Jul 7, 2022
For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and...
Low
Unreviewed
CVE-2020-8475
was published
May 24, 2022
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may...
Low
Unreviewed
CVE-2021-22457
was published
May 24, 2022
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may...
Low
Unreviewed
CVE-2021-22453
was published
May 24, 2022
An improper input validation vulnerability in DSP driver prior to SMR Sep-2021 Release 1 allows...
Low
Unreviewed
CVE-2021-25457
was published
May 24, 2022
Adobe After Effects version 18.2.1 (and earlier) is affected by an Improper input validation...
Low
Unreviewed
CVE-2021-35995
was published
May 24, 2022
Adobe Bridge version 11.0.2 (and earlier) is affected by an uninitialized variable vulnerability...
Low
Unreviewed
CVE-2021-35991
was published
May 24, 2022
Adobe Photoshop versions 21.2.9 (and earlier) and 22.4.2 (and earlier) are affected by an...
Low
Unreviewed
CVE-2021-36006
was published
May 24, 2022
Improper input validation vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote...
Low
Unreviewed
CVE-2021-20761
was published
May 24, 2022
A vulnerability was found in the Linux kernel in versions before v5.14-rc1. Missing size...
Low
Unreviewed
CVE-2021-3655
was published
May 24, 2022
Some ZTE products have an input verification vulnerability in the diagnostic function interface....
Low
Unreviewed
CVE-2021-21726
was published
May 24, 2022
In queryInternal of CallLogProvider.java, there is a possible permission bypass due to improper...
Low
Unreviewed
CVE-2020-0368
was published
May 24, 2022
Some ZTE devices have input verification vulnerabilities. The devices support configuring a...
Low
Unreviewed
CVE-2020-6879
was published
May 24, 2022
When typing in a password under certain conditions, a race may have occured where the...
Low
Unreviewed
CVE-2020-15671
was published
May 24, 2022
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to...
Low
Unreviewed
CVE-2020-0904
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API