Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,810
Erlang
36
GitHub Actions
31
Go
2,395
Maven
5,000+
npm
4,030
NuGet
721
pip
3,820
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+

58 advisories

Loading
Faulty input validation in the core of Apache allows malicious or exploitable backend/content... High Unreviewed
CVE-2023-38709 was published Apr 4, 2024
Denial-of-service (DoS) vulnerability due to improper validation of specified type of input issue... High Unreviewed
CVE-2023-38744 was published Aug 3, 2023
Improper Input Validation vulnerability exists in the Hitachi Energy MicroSCADA X SYS600's ICCP... High Unreviewed
CVE-2022-2277 was published Sep 15, 2022
A vulnerability in the HCI Modbus TCP COMPONENT of Hitachi Energy RTU500 series CMU Firmware that... High Unreviewed
CVE-2022-28613 was published May 3, 2022
The ctl_report_supported_opcodes function did not sufficiently validate a field provided by... High Unreviewed
CVE-2024-42416 was published Sep 5, 2024
The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol... High Unreviewed
CVE-2010-3904 was published May 13, 2022
A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow... High Unreviewed
CVE-2024-5102 was published Jun 10, 2024
Improper Validation of Specified Quantity in Input vulnerability in Tips and Tricks HQ WP Express... High Unreviewed
CVE-2024-30527 was published May 17, 2024
Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input... High Unreviewed
CVE-2022-26125 was published Mar 4, 2022
A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to missing a check on the... High Unreviewed
CVE-2022-26127 was published Mar 4, 2022
A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the... High Unreviewed
CVE-2022-26128 was published Mar 4, 2022
A denial of service attack might be launched against the server if an unusually lengthy password ... High Unreviewed
CVE-2023-30082 was published Jun 14, 2023
The demon image annotation plugin for WordPress is vulnerable to improper input validation in... High Unreviewed
CVE-2022-4171 was published Dec 13, 2022
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series... High Unreviewed
CVE-2022-20689 was published Dec 12, 2022
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series... High Unreviewed
CVE-2022-20690 was published Dec 12, 2022
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the... High Unreviewed
CVE-2022-4904 was published Mar 7, 2023
blurhash panics on parsing crafted inputs High
CVE-2023-42447 was published for blurhash (Rust) Sep 21, 2023
rubdos
phonenumber panics on parsing crafted RFC3966 inputs High
CVE-2023-42444 was published for phonenumber (Rust) Sep 21, 2023
sno2 gferon
jcvi vulnerable to Configuration Injection due to unsanitized user input High
CVE-2023-35932 was published for jcvi (pip) Jun 23, 2023
Sim4n6
In Open5GS 2.4.0, a crafted packet from UE can crash SGW-U/UPF. High Unreviewed
CVE-2021-45462 was published Dec 24, 2021
parse-server crashes when receiving file download request with invalid byte range High
CVE-2022-39313 was published for parse-server (npm) Oct 18, 2022
hej2010 tdunlap607
libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds... High Unreviewed
CVE-2022-2868 was published Aug 18, 2022
The Popup | Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on... High Unreviewed
CVE-2022-0214 was published Feb 15, 2022
linked_list_allocator vulnerable to out-of-bound writes on `Heap` initialization and `Heap::extend` High
CVE-2022-36086 was published for linked_list_allocator (Rust) Sep 16, 2022
evanrichter
Unauthenticated control plane denial of service attack in Istio High
CVE-2022-23635 was published for istio.io/istio (Go) Feb 23, 2022
AdamKorcz howardjohn
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database