GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
15 advisories
Filter by severity
Potential race conditions in IndexedDB could have caused memory corruption, leading to a...
Critical
Unreviewed
CVE-2024-10468
was published
Oct 29, 2024
Spring Security vulnerable to Authorization Bypass of Static Resources in WebFlux Applications
Critical
CVE-2024-38821
was published
for
org.springframework.security:spring-security-web
(Maven)
Oct 28, 2024
Improper resource initialization handling in firmware of some Solidigm DC Products may allow an...
Critical
Unreviewed
CVE-2024-47967
was published
Oct 7, 2024
ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps...
Critical
Unreviewed
CVE-2024-44083
was published
Aug 19, 2024
Malicious Long Unicode filenames may cause a Multiple Application-level Denial of Service
Critical
CVE-2024-32874
was published
for
frigate
(pip)
May 9, 2024
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers...
Critical
Unreviewed
CVE-2021-42142
was published
Jan 24, 2024
As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port...
Critical
Unreviewed
CVE-2023-43632
was published
Sep 21, 2023
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution...
Critical
Unreviewed
CVE-2023-0568
was published
Feb 16, 2023
A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0...
Critical
Unreviewed
CVE-2022-29503
was published
Sep 30, 2022
Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to...
Critical
Unreviewed
CVE-2022-29776
was published
Jun 3, 2022
OpenStack os-vif Ageing time of 0 disables linuxbridge MAC learning
Critical
CVE-2019-15753
was published
for
os-vif
(pip)
May 24, 2022
A vulnerability in Cisco Prime Data Center Network Manager (DCNM) Software could allow an...
Critical
Unreviewed
CVE-2017-6640
was published
May 13, 2022
A vulnerability in the Play Framework of Cisco Elastic Services Controller (ESC) could allow an...
Critical
Unreviewed
CVE-2017-6713
was published
May 13, 2022
A Remote Code Execution vulnerability in lmgrd and vendor daemon components of FlexNet Publisher...
Critical
Unreviewed
CVE-2018-20033
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API