GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
131 advisories

OS Command Injection in s3-uploader
High • CVE-2021-34084 was published for s3-uploader (npm) • Jun 3, 2022

Packing does not respect root-level ignore files in workspaces
High • CVE-2022-29244 was published for npm (npm) • Jun 2, 2022

Broken Authentication in Atlassian Connect Express (ACE) from version 3.0.2 before version 6.6.0:...
High • Unreviewed • CVE-2021-26073 was published • May 24, 2022

bson-objectid contains Improper input validation
High • CVE-2019-19729 was published for bson-objectid (npm) • May 24, 2022

Node.js before 16.6.1, 14.17.5, and 12.22.5 is vulnerable to a use after free attack where an...
High • Unreviewed • CVE-2021-22940 was published • May 24, 2022

Western Digital EdgeRover before 0.25 has an escalation of privileges vulnerability where a low...
High • Unreviewed • CVE-2021-33205 was published • May 24, 2022

Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack...
High • Unreviewed • CVE-2021-22883 was published • May 24, 2022

An exploitable local privilege elevation vulnerability exists in the file system permissions of...
High • Unreviewed • CVE-2020-13536 was published • May 24, 2022

An exploitable local privilege elevation vulnerability exists in the file system permissions of...
High • Unreviewed • CVE-2020-13537 was published • May 24, 2022

Node.js < 14.11.0 is vulnerable to HTTP denial of service (DoS) attacks based on delayed requests...
High • Unreviewed • CVE-2020-8251 was published • May 24, 2022

Duplicate Advisory: Kerberos for NodeJS allows DLL Injection
High • GHSA-f478-xwv9-p93q was published for kerberos (npm) • May 24, 2022 • withdrawn

HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer...
High • Unreviewed • CVE-2019-15605 was published • May 24, 2022

The Utf8DecoderBase::WriteUtf16Slow function in unicode-decoder.cc in Google V8, as used in Node...
High • Unreviewed • CVE-2015-5380 was published • May 17, 2022

Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the...
High • Unreviewed • CVE-2015-8027 was published • May 17, 2022

Node.js 0.10.x before 0.10.42, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0...
High • Unreviewed • CVE-2016-2086 was published • May 17, 2022

The HTTP header parsing code in Node.js 0.10.x before 0.10.42, 0.11.6 through 0.11.16, 0.12.x...
High • Unreviewed • CVE-2016-2216 was published • May 17, 2022

Electron vulnerable to remote command execution
High • CVE-2017-12581 was published for electron (npm) • May 17, 2022

Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a denial of service.
High • Unreviewed • CVE-2015-7384 was published • May 17, 2022

Node.js before 4.8.5, 6.x before 6.11.5, and 8.x before 8.8.0 allows remote attackers to cause a...
High • Unreviewed • CVE-2017-14919 was published • May 17, 2022

Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0,...
High • Unreviewed • CVE-2017-11499 was published • May 17, 2022

ProTip! Advisories are also available from the GraphQL API