Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

492 advisories

Loading
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to... Moderate Unreviewed
CVE-2019-1559 was published May 13, 2022
A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and... Moderate Unreviewed
CVE-2017-5107 was published May 13, 2022
Observable Discrepancy in Apache Tomcat Moderate
CVE-2016-0762 was published for org.apache.tomcat:tomcat (Maven) May 13, 2022
sunSUNQ
Observable behavioral discrepancy in some Intel(R) Processors may allow an authorized user to... Moderate Unreviewed
CVE-2021-33149 was published May 13, 2022
The Splunk Enterprise REST API allows enumeration of usernames via the lockout error message. The... Moderate Unreviewed
CVE-2021-33845 was published May 7, 2022
Legion of the Bouncy Castle Java Cryptography API Bleichenbacher Oracle Vulnerability High
CVE-2007-6721 was published for bouncycastle:bcprov-jdk14 (Maven) May 1, 2022
The NPSVG3.dll ActiveX control for Adobe SVG Viewer 3.02 and earlier, when running on Internet... Moderate Unreviewed
CVE-2005-0918 was published May 1, 2022
The firewall in Astaro Security Linux before 4.024 sends responses to SYN-FIN packets, which... Moderate Unreviewed
CVE-2004-2252 was published Apr 29, 2022
Nettica Corporation INTELLIPEER Email Server 1.01 displays different error messages for valid and... Moderate Unreviewed
CVE-2004-2150 was published Apr 29, 2022
ProFTPD 1.2.x, including 1.2.8 and 1.2.10, responds in a different amount of time when a given... Moderate Unreviewed
CVE-2004-1602 was published Apr 29, 2022
ArGoSoft FTP before 1.4.2.1 generates an error message if the user name does not exist instead of... Moderate Unreviewed
CVE-2004-1428 was published Apr 29, 2022
Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a non-existent user than a... Moderate Unreviewed
CVE-2003-0637 was published Apr 29, 2022
OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an... Moderate Unreviewed
CVE-2003-0190 was published Apr 29, 2022
Hills ComNav version 3002-19 suffers from a weak communication channel. Traffic across the local... Moderate Unreviewed
CVE-2022-1318 was published Apr 21, 2022
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow an attacker to enumerate account credentials due... Moderate Unreviewed
CVE-2022-22356 was published Apr 6, 2022
In DevicePolicyManager, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed
CVE-2021-39745 was published Mar 31, 2022
In DevicePolicyManager, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed
CVE-2021-39744 was published Mar 31, 2022
In ContextImpl, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2021-39754 was published Mar 31, 2022
In Framework, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2021-39756 was published Mar 31, 2022
In DevicePolicyManager, there is a possible way to reveal the existence of an installed package... Moderate Unreviewed
CVE-2021-39755 was published Mar 31, 2022
In AudioService, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2021-39760 was published Mar 31, 2022
In Settings, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2021-39766 was published Mar 31, 2022
In Media, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2021-39761 was published Mar 31, 2022
In People, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2021-39775 was published Mar 31, 2022
In VpnManagerService, there is a possible disclosure of installed VPN packages due to side... Moderate Unreviewed
CVE-2021-39773 was published Mar 31, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database