GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
71 advisories
Filter by severity
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed...
Moderate
Unreviewed
CVE-2023-23762
was published
Jul 6, 2023
An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of paths installed by...
Moderate
Unreviewed
CVE-2022-29944
was published
Apr 20, 2023
An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of flow rules installed...
Moderate
Unreviewed
CVE-2021-38364
was published
Apr 20, 2023
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
High
Unreviewed
CVE-2022-27645
was published
Mar 29, 2023
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
High
Unreviewed
CVE-2022-43621
was published
Mar 29, 2023
A type juggling vulnerability in the component /auth/fn.php of PlaySMS v1.4.5 and earlier allows...
Critical
Unreviewed
CVE-2022-47034
was published
Feb 14, 2023
Dell SupportAssist for Home PCs (version 3.11.2 and prior) contain Overly Permissive Cross-domain...
Moderate
Unreviewed
CVE-2022-34366
was published
Feb 10, 2023
The Remote Mount feature can potentially be abused by valid, authenticated users to make...
Moderate
Unreviewed
CVE-2022-34888
was published
Jan 31, 2023
A vulnerability was found in mrobit robitailletheknot. It has been classified as problematic....
Critical
Unreviewed
CVE-2014-125057
was published
Jan 7, 2023
Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804.
Moderate
Unreviewed
CVE-2022-4293
was published
Dec 5, 2022
Dell Wyse ThinOS 2205 contains a Regular Expression Denial of Service Vulnerability in UI. An...
Moderate
Unreviewed
CVE-2022-34402
was published
Oct 11, 2022
SWFTools commit 772e55a2 was discovered to contain a floating point exception (FPE) via DCTStream...
Moderate
Unreviewed
CVE-2022-35091
was published
Sep 25, 2022
XPDF commit ffaf11c was discovered to contain a floating point exception (FPE) via DCTStream:...
Moderate
Unreviewed
CVE-2022-38230
was published
Aug 17, 2022
fdkaac commit 53fe239 was discovered to contain a floating point exception (FPE) via wav_open at ...
Moderate
Unreviewed
CVE-2022-36148
was published
Aug 17, 2022
jpeg-quantsmooth before commit 8879454 contained a floating point exception (FPE) via /jpeg...
Moderate
Unreviewed
CVE-2022-35434
was published
Aug 17, 2022
JPEGDEC commit be4843c was discovered to contain a FPE via DecodeJPEG at /src/jpeg.inl.
Moderate
Unreviewed
CVE-2022-34999
was published
Aug 17, 2022
An Incorrect Comparison vulnerability in PFE of Juniper Networks Junos OS allows an adjacent...
Moderate
Unreviewed
CVE-2022-22203
was published
Jul 21, 2022
Cross-origin resource sharing (CORS) enables browsers to perform cross domain requests in a...
Critical
Unreviewed
CVE-2021-27786
was published
Jun 10, 2022
In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwrite in aiff.c in libsox.a.
Moderate
Unreviewed
CVE-2022-31650
was published
May 26, 2022
Integria IMS login check uses a loose comparator ("==") to compare the MD5 hash of the password...
Critical
Unreviewed
CVE-2021-3833
was published
May 24, 2022
An issue was discovered in libjpeg through 2020021. An uncaught floating point exception in the...
Moderate
Unreviewed
CVE-2021-39514
was published
May 24, 2022
In JetBrains YouTrack before 2021.2.16363, time-unsafe comparisons were used.
High
Unreviewed
CVE-2021-37550
was published
May 24, 2022
chatwoot is vulnerable to Inefficient Regular Expression Complexity
High
Unreviewed
CVE-2021-3649
was published
May 24, 2022
A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) of Juniper Networks...
Moderate
Unreviewed
CVE-2021-0295
was published
May 24, 2022
The Sieve engine in Dovecot before 2.3.15 allows Uncontrolled Resource Consumption, as...
Moderate
Unreviewed
CVE-2020-28200
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API