GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
44 advisories
Filter by severity
Denial of Service in node-static
Moderate
GHSA-8r4g-cg4m-x23c
was published
for
node-static
(npm)
Sep 22, 2021
Uncaught Exception in libpulse-binding
Moderate
GHSA-wcxc-jf6c-8rx9
was published
for
libpulse-binding
(Rust)
Aug 25, 2021
Denial of Service vulnerability in @podium/layout and @podium/proxy
High
CVE-2022-24822
was published
for
@podium/layout
(npm)
Apr 7, 2022
Uncaught Exception in jsoup
High
CVE-2021-37714
was published
for
org.jsoup:jsoup
(Maven)
Aug 23, 2021
Undertow Uncaught Exception vulnerability
Moderate
CVE-2016-7046
was published
for
io.undertow:undertow-core
(Maven)
May 17, 2022
Unexpected server crash in Next.js
Moderate
CVE-2022-36046
was published
for
next
(npm)
Aug 30, 2022
Denial-of-Service when binding invalid parameters in sqlite3
High
CVE-2022-21227
was published
for
sqlite3
(npm)
Apr 28, 2022
Crash when decoding malformed HTTP requests or malformed JSON payload
High
CVE-2018-1330
was published
for
org.apache.mesos:mesos
(Maven)
May 14, 2022
Uncaught exception in engine.io
Moderate
CVE-2022-41940
was published
for
engine.io
(npm)
Nov 21, 2022
Uncaught Exception leading to Denial of Service in json-sanitizer
High
CVE-2021-23900
was published
for
com.mikesamuel:json-sanitizer
(Maven)
May 13, 2021
DOS and Open Redirect with user input
High
CVE-2021-22964
was published
for
fastify-static
(npm)
Oct 12, 2021
mercurius has Uncaught Exception when using subscriptions
Moderate
CVE-2023-22477
was published
for
mercurius
(npm)
Jan 9, 2023
Uncaught Exception in zip4j
Moderate
CVE-2022-24615
was published
for
net.lingala.zip4j:zip4j
(Maven)
Feb 25, 2022
Uncaught Exception in thorsten/phpmyfaq
High
CVE-2023-0790
was published
for
thorsten/phpmyfaq
(Composer)
Feb 12, 2023
Camaleon CMS vulnerable to Uncaught Exception
Moderate
CVE-2021-25971
was published
for
camaleon_cms
(RubyGems)
May 24, 2022
fastify/websocket vulnerable to uncaught exception via crash on malformed packet
High
CVE-2022-39386
was published
for
@fastify/websocket
(npm)
Nov 7, 2022
Denial of Service in sequelize
Moderate
GHSA-fw4p-36j9-rrj3
was published
for
sequelize
(npm)
Sep 3, 2020
XWiki Platform vulnerable to page render failure due to broken translations
Moderate
CVE-2023-29520
was published
for
org.xwiki.platform:xwiki-platform-localization-source-wiki
(Maven)
Apr 20, 2023
DoS vulnerability for apps with sockets enabled
High
CVE-2023-38504
was published
for
sails
(npm)
Jul 27, 2023
stellar-strkey vulnerable to panic in SignedPayload::from_payload
Moderate
CVE-2023-46135
was published
for
stellar-strkey
(Rust)
Oct 25, 2023
quic-go vulnerable to pointer dereference that can lead to panic
High
CVE-2023-46239
was published
for
github.com/quic-go/quic-go
(Go)
Oct 30, 2023
ProTip!
Advisories are also available from the
GraphQL API