Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,714
Erlang
34
GitHub Actions
28
Go
2,301
Maven
5,000+
npm
3,942
NuGet
711
pip
3,711
Pub
12
RubyGems
920
Rust
960
Swift
38
Unreviewed advisories
All unreviewed
5,000+

280 advisories

Loading
On BIG-IP Virtual Edition versions 15.1x beginning in 15.1.4 to before 15.1.8 and 14.1.x... High Unreviewed
CVE-2023-23555 was published Feb 1, 2023
An issue in MatrixSSL 4.5.1-open and earlier leads to failure to securely check the SessionID... High Unreviewed
CVE-2022-46505 was published Jan 18, 2023
Tokio reject_remote_clients configuration may get dropped when creating a Windows named pipe Moderate
CVE-2023-22466 was published for tokio (Rust) Jan 6, 2023
mhils
Openshift 4.9 does not use HTTP Strict Transport Security (HSTS) which may allow man-in-the... High Unreviewed
CVE-2022-3259 was published Dec 9, 2022
External initialization of trusted variables or data stores vulnerability exists in WordPress... High Unreviewed
CVE-2022-43468 was published Dec 7, 2022
NodeBB vulnerable to account takeover via prototype vulnerability Critical
CVE-2022-46164 was published for nodebb (npm) Dec 5, 2022
stephenbradshaw
Improper initialization in BIOS firmware for some Intel(R) NUC 11 Pro Kits and Intel(R) NUC 11... High Unreviewed
CVE-2022-37334 was published Nov 11, 2022
Codeigniter4's Secure or HttpOnly flag set in Config\Cookie is not reflected in Cookies issued Low
CVE-2022-39284 was published for codeigniter4/framework (Composer) Oct 6, 2022
A memory initialization issue was addressed with improved memory handling. This issue is fixed in... Moderate Unreviewed
CVE-2022-32823 was published Sep 25, 2022
Elrond-go has improper initialization Critical
CVE-2022-36061 was published for github.com/ElrondNetwork/elrond-go (Go) Sep 16, 2022
Improper Initialization vulnerability in the local server component of EZVIZ CS-C6N-A0-1C2WFR... Moderate Unreviewed
CVE-2022-2472 was published Sep 16, 2022
In D-Link DIR-816 A2_v1.10CNB04.img the network can be initialized without authentication via ... Critical Unreviewed
CVE-2022-37128 was published Sep 1, 2022
A flaw was found in the Linux kernel’s implementation of reading the SVC RDMA counters. Reading... Moderate Unreviewed
CVE-2021-4218 was published Aug 25, 2022
Improper initialization for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may... High Unreviewed
CVE-2021-23223 was published Aug 19, 2022
Improper initialization in the Intel(R) Data Center Manager software before version 4.1 may allow... Moderate Unreviewed
CVE-2022-24378 was published Aug 19, 2022
Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076... High Unreviewed
CVE-2022-27493 was published Aug 19, 2022
Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076... High Unreviewed
CVE-2022-32579 was published Aug 19, 2022
Apache Calcite Avatica JDBC driver arbitrary code execution High
CVE-2022-36364 was published for org.apache.calcite.avatica:avatica-core (Maven) Jul 29, 2022
Unicorn Engine v2.0.0-rc7 contains memory leaks caused by an incomplete unicorn engine... High Unreviewed
CVE-2022-29695 was published Jun 3, 2022
A memory initialization issue was addressed. This issue is fixed in Security Update 2022-004... High Unreviewed
CVE-2022-26722 was published May 27, 2022
A memory initialization issue was addressed. This issue is fixed in Security Update 2022-004... High Unreviewed
CVE-2022-26721 was published May 27, 2022
Improper initialization in firmware for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi in... Moderate Unreviewed
CVE-2021-0053 was published May 24, 2022
Improper initialization in the installer for some Intel(R) Graphics DCH Drivers for Windows 10... Moderate Unreviewed
CVE-2021-0120 was published May 24, 2022
Failure to validate VM_HSAVE_PA during SNP_INIT may result in a loss of memory integrity. High Unreviewed
CVE-2021-26326 was published May 24, 2022
A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing... Moderate Unreviewed
CVE-2021-20317 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database