Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

176 advisories

Loading
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2022-40642 was published Sep 16, 2022
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33... High Unreviewed
CVE-2022-39147 was published Sep 14, 2022
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33... High Unreviewed
CVE-2022-39146 was published Sep 14, 2022
Adobe Photoshop versions 22.5.7 (and earlier) and 23.3.2 (and earlier) are affected by an Access... Moderate Unreviewed
CVE-2022-34244 was published Jul 16, 2022
Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012... High Unreviewed
CVE-2022-34228 was published Jul 16, 2022
NVIDIA DGX A100 contains a vulnerability in SBIOS in the Ofbd, where a local user with elevated... High Unreviewed
CVE-2022-31599 was published Jul 5, 2022
In multiple CODESYS products, a low privileged remote attacker may craft a request that cause a... Moderate Unreviewed
CVE-2022-32136 was published Jun 25, 2022
AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this... Moderate Unreviewed
CVE-2022-31759 was published Jun 14, 2022
The affected product is vulnerable to a heap-based buffer overflow via uninitialized pointer,... High Unreviewed
CVE-2022-30540 was published Jun 3, 2022
The affected product is vulnerable to an out-of-bounds read via uninitialized pointer, which may... High Unreviewed
CVE-2022-29488 was published Jun 3, 2022
The affected product is vulnerable to an out-of-bounds write via uninitialized pointer, which may... High Unreviewed
CVE-2022-28690 was published Jun 3, 2022
A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime... Moderate Unreviewed
CVE-2021-34596 was published May 24, 2022
A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected... Moderate Unreviewed
CVE-2021-41538 was published May 24, 2022
An issue was discovered in SKALE sgxwallet 1.58.3. The provided input for ECALL 14 triggers a... Critical Unreviewed
CVE-2021-36219 was published May 24, 2022
A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS... Critical Unreviewed
CVE-2021-1619 was published May 24, 2022
Cscape (All Versions prior to 9.90 SP5) lacks proper validation of user-supplied data when... High Unreviewed
CVE-2021-33015 was published May 24, 2022
Adobe Bridge version 11.0.2 (and earlier) is affected by an uninitialized variable vulnerability... Low Unreviewed
CVE-2021-35991 was published May 24, 2022
Adobe Media Encoder version 15.2 (and earlier) is affected by an uninitialized pointer... Moderate Unreviewed
CVE-2021-36014 was published May 24, 2022
An uninitialized pointer in FATEK Automation FvDesigner, Versions 1.5.88 and prior may be... High Unreviewed
CVE-2021-32931 was published May 24, 2022
A vulnerability has been identified in Solid Edge SE2021 (All Versions < SE2021MP7). The PSKERNEL... High Unreviewed
CVE-2021-37180 was published May 24, 2022
drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier... Low Unreviewed
CVE-2021-38205 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2021-31503 was published May 24, 2022
Phoenix Contact Classic Automation Worx Software Suite in Version 1.87 and below is affected by a... High Unreviewed
CVE-2021-33542 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2021-31479 was published May 24, 2022
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU.... Low Unreviewed
CVE-2021-3595 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API