Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,895
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

51 advisories

Loading
Misuse of `Reference` and other transferable APIs may lead to access to nodejs isolate High
CVE-2021-21413 was published for isolated-vm (npm) Apr 6, 2021
vdata1 cristianstaicu
Improper Control of Dynamically-Managed Code Resources in config-shield Moderate
CVE-2021-26276 was published for config-shield (npm) Apr 13, 2021
Use of Potentially Dangerous Function in mixme High
CVE-2021-29491 was published for mixme (npm) May 6, 2021
CySirX
Prototype pollution in nestie Critical
CVE-2021-25947 was published for nestie (npm) Jun 7, 2021
Header dropping in traefik Moderate
CVE-2021-32813 was published for github.com/traefik/traefik (Go) Aug 5, 2021
Prototype Pollution in config-handler Critical
CVE-2021-23448 was published for config-handler (npm) Oct 12, 2021
Authenticated administrators may modify the main YAML configuration file and load a Java class... High Unreviewed
CVE-2021-23262 was published Dec 3, 2021
Authenticated users with Administrator or Developer roles may execute OS commands by Groovy... High Unreviewed
CVE-2021-23259 was published Dec 3, 2021
Authenticated users with Administrator or Developer roles may execute OS commands by SPEL... High Unreviewed
CVE-2021-23258 was published Dec 3, 2021
Serialization gadgets exploit in jackson-databind High
CVE-2020-35491 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Dec 9, 2021
mpihelgas
Improper Access Control of Dynamically-Managed Code Resources (DLL) in Thales Sentinel Protection... High Unreviewed
CVE-2021-42809 was published Dec 21, 2021
Improper Control of Dynamically-Managed Code Resources in Crafter CMS Crafter Studio High
CVE-2020-25803 was published for org.craftercms:crafter-studio (Maven) Feb 9, 2022
Improper Control of Dynamically-Managed Code Resources in Crafter CMS Crafter Studio High
CVE-2020-25802 was published for org.craftercms:crafter-studio (Maven) Feb 9, 2022
In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they... High Unreviewed
CVE-2022-25265 was published Feb 17, 2022
A vulnerability in the Fibre Channel over Ethernet (FCoE) N-port Virtualization (NPV) protocol... High Unreviewed
CVE-2019-1617 was published May 13, 2022
A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS... Moderate Unreviewed
CVE-2019-1595 was published May 13, 2022
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows... Critical Unreviewed
CVE-2014-9852 was published May 14, 2022
Crafter CMS Crafter Studio vulnerable to Improper Control of Dynamically-Managed Code Resources High
CVE-2021-23267 was published for org.craftercms:crafter-studio (Maven) May 17, 2022
GitHub Enterprise before 20120304 does not properly restrict the use of a hash to provide values... Moderate Unreviewed
CVE-2012-2055 was published May 17, 2022
There was a man-in-the-middle (MITM) vulnerability present in the Confluence Previews plugin in... Moderate Unreviewed
CVE-2019-15006 was published May 24, 2022
An information disclosure vulnerability exists when the Windows GDI component improperly... Moderate Unreviewed
CVE-2020-1097 was published May 24, 2022
An information disclosure vulnerability exists when the Windows GDI component improperly... Moderate Unreviewed
CVE-2020-1091 was published May 24, 2022
A vulnerability in the command-line interface in Brocade Fabric OS before Brocade Fabric OS v8.2... Moderate Unreviewed
CVE-2020-15372 was published May 24, 2022
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an... Critical Unreviewed
CVE-2020-3419 was published May 24, 2022
An issue was discovered in Thunar before 4.16.7 and 4.17.x before 4.17.2. When called with a... Critical Unreviewed
CVE-2021-32563 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API