GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,873
Erlang: 37
GitHub Actions: 36
Go: 2,519
Maven: 5,000+
npm: 4,156
NuGet: 736
pip: 3,956
Pub: 12
RubyGems: 946
Rust: 1,026
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
23,948 advisories

Out of bounds segmentation fault due to unequal op inputs in Tensorflow
Moderate, CVE-2022-41883 was published for tensorflow (pip), Nov 21, 2022

Leak in Aliyun KeySecret
Moderate, CVE-2022-39397 was published for aliyun-oss-client (Rust), Nov 21, 2022

Lack of proper validation of server UUID can be used by the server to trick the client to accept invalid proofs
Moderate, CVE-2022-39199 was published for github.com/codenotary/immudb (Go), Nov 21, 2022

Insufficient Verification of Proofs generated by the immudb server in client SDK.
Moderate, CVE-2022-36111 was published for github.com/codenotary/immudb (Go), Nov 21, 2022

Cross-site Scripting in Apache Hama
High, CVE-2022-45470 was published for org.apache.hama:hama-core (Maven), Nov 21, 2022

Garbage collection issue in BC-FJA in Java 13 and later
Moderate, CVE-2022-45146 was published for org.bouncycastle:bc-fips (Maven), Nov 21, 2022

SQL injection in Dolibarr
Critical, CVE-2022-4093 was published for dolibarr/dolibarr (Composer), Nov 21, 2022

Cross-site Scripting in librenms/librenms
Moderate, CVE-2022-3516 was published for librenms/librenms (Composer), Nov 20, 2022

Cross-site Scripting in librenms/librenms
Moderate, CVE-2022-3562 was published for librenms/librenms (Composer), Nov 20, 2022

Cross-site Scripting in librenms/librenms
Moderate, CVE-2022-3561 was published for librenms/librenms (Composer), Nov 20, 2022

Cross-site Scripting in librenms/librenms
Moderate, CVE-2022-4067 was published for librenms/librenms (Composer), Nov 20, 2022

Cross-site Scripting in librenms/librenms
High, CVE-2022-4068 was published for librenms/librenms (Composer), Nov 20, 2022

Deserialization of Untrusted Data in librenms/librenms
High, CVE-2022-3525 was published for librenms/librenms (Composer), Nov 20, 2022

Insufficient Session Expiration in librenms/librenms
Critical, CVE-2022-4070 was published for librenms/librenms (Composer), Nov 20, 2022

Cross-site Scripting in librenms/librenms
Moderate, CVE-2022-4069 was published for librenms/librenms (Composer), Nov 20, 2022

Unsanitized input leading to code injection in Dalli
Low, CVE-2022-4064 was published for dalli (RubyGems), Nov 19, 2022

TestNG is vulnerable to Path Traversal
High, CVE-2022-4065 was published for org.testng:testng (Maven), Nov 19, 2022

Free5gc vulnerable to uncontrolled resource consumption
High, CVE-2022-38871 was published for github.com/free5gc/free5gc (Go), Nov 19, 2022

Witness Block Parsing DoS Vulnerability
High, CVE-2022-39389 was published for github.com/lightningnetwork/lnd (Go), Nov 18, 2022

KubeVela VelaUX APIserver has SSRF vulnerability
Moderate, CVE-2022-39383 was published for github.com/oam-dev/kubevela (Go), Nov 18, 2022

LIEF heap buffer overflow in the LIEF::MachO::BinaryParser::parse_dyldinfo_generic_bind
High, CVE-2022-43171 was published for lief (pip), Nov 18, 2022

XXL-JOB vulnerable to Server-Side Request Forgery (SSRF)
High, CVE-2022-43183 was published for com.xuxueli:xxl-job-core (Maven), Nov 17, 2022

Dolibarr vulnerable to privilege escalation
Critical, CVE-2022-43138 was published for dolibarr/dolibarr (Composer), Nov 17, 2022

Rdiffweb vulnerable to Missing Authentication for Critical Function
Low, CVE-2022-4018 was published for rdiffweb (pip), Nov 16, 2022

ProTip! Advisories are also available from the GraphQL API