Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,656
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

125 advisories

Loading
Improper Resource Shutdown or Release in HashiCorp Vault High
CVE-2020-7220 was published for github.com/hashicorp/vault (Go) Jul 28, 2021
Improper Resource Shutdown or Release in TYPO3 extension High
CVE-2021-38623 was published for webcoast/deferred-image-processing (Composer) Aug 30, 2021
The TCP Server module in toxcore before 0.2.8 doesn't free the TCP priority queue under certain... High Unreviewed
CVE-2018-25021 was published Dec 14, 2021
On BIG-IP versions 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all... High Unreviewed
CVE-2022-23010 was published Jan 26, 2022
A DoS attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote... High Unreviewed
CVE-2021-41441 was published Feb 10, 2022
Puma used with Rails may lead to Information Exposure High
CVE-2022-23634 was published for puma (RubyGems) Feb 11, 2022
byroot
Denial of Service in Packetbeat High
CVE-2017-11480 was published for github.com/elastic/beats (Go) Feb 15, 2022
Resource leakage when decoding certificates and keys High
CVE-2022-1473 was published for openssl-src (Rust) May 4, 2022
pinkforest
An issue was discovered in EMC RSA BSAFE Crypto-J versions prior to 6.2.2. There is an Improper... High Unreviewed
CVE-2016-8212 was published May 13, 2022
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle... High Unreviewed
CVE-2018-8224 was published May 13, 2022
The Web Sockets implementation in Google Chrome before 7.0.517.41 does not properly handle a... High Unreviewed
CVE-2010-4038 was published May 13, 2022
The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the... High Unreviewed
CVE-2019-6488 was published May 13, 2022
A vulnerability in the UDP processing code of Cisco IOS 15.1, 15.2, and 15.4 and IOS XE 3.14... High Unreviewed
CVE-2017-6627 was published May 13, 2022
Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting... High Unreviewed
CVE-2016-10363 was published May 13, 2022
A elevation of privilege vulnerability in the Android media framework (libstagefright). Product:... High Unreviewed
CVE-2017-0769 was published May 13, 2022
OpenFlow Plugin and OpenDayLight Controller versions Nitrogen, Carbon, Boron, Robert Varga, Anil... High Unreviewed
CVE-2017-1000411 was published May 13, 2022
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the... High Unreviewed
CVE-2017-11016 was published May 13, 2022
IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents when they are no longer... High Unreviewed
CVE-2017-1145 was published May 13, 2022
Improper Resource Shutdown or Release in Apache Tomcat High
CVE-2017-5650 was published for org.apache.tomcat:tomcat (Maven) May 13, 2022
sunSUNQ
Unisys Stealth 3.3 Windows endpoints before 3.3.016.1 allow local users to gain access to Stealth... High Unreviewed
CVE-2018-6592 was published May 13, 2022
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to... High Unreviewed
CVE-2018-8120 was published May 13, 2022
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to... High Unreviewed
CVE-2018-8124 was published May 13, 2022
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS)... High Unreviewed
CVE-2018-8167 was published May 13, 2022
An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver... High Unreviewed
CVE-2018-8165 was published May 13, 2022
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to... High Unreviewed
CVE-2018-8164 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database