GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,179
Erlang: 31
GitHub Actions: 19
Go: 1,982
Maven: 5,000+
npm: 3,701
NuGet: 656
pip: 3,323
Pub: 11
RubyGems: 882
Rust: 834
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
15 advisories

A Remote Code Execution vulnerability in lmgrd and vendor daemon components of FlexNet Publisher...
Critical | Unreviewed | CVE-2018-20033 was published on May 13, 2022

A vulnerability in the Play Framework of Cisco Elastic Services Controller (ESC) could allow an...
Critical | Unreviewed | CVE-2017-6713 was published on May 13, 2022

A vulnerability in Cisco Prime Data Center Network Manager (DCNM) Software could allow an...
Critical | Unreviewed | CVE-2017-6640 was published on May 13, 2022

OpenStack os-vif Ageing time of 0 disables linuxbridge MAC learning
Critical | CVE-2019-15753 was published for os-vif (pip) on May 24, 2022

Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to...
Critical | Unreviewed | CVE-2022-29776 was published on Jun 3, 2022

A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0...
Critical | Unreviewed | CVE-2022-29503 was published on Sep 30, 2022

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution...
Critical | Unreviewed | CVE-2023-0568 was published on Feb 16, 2023

As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port...
Critical | Unreviewed | CVE-2023-43632 was published on Sep 21, 2023

An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers...
Critical | Unreviewed | CVE-2021-42142 was published on Jan 24, 2024

Malicious Long Unicode filenames may cause a Multiple Application-level Denial of Service
Critical | CVE-2024-32874 was published for frigate (pip) on May 9, 2024

ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps...
Critical | Unreviewed | CVE-2024-44083 was published on Aug 19, 2024

Improper resource initialization handling in firmware of some Solidigm DC Products may allow an...
Critical | Unreviewed | CVE-2024-47967 was published on Oct 7, 2024

Spring Security vulnerable to Authorization Bypass of Static Resources in WebFlux Applications
Critical | CVE-2024-38821 was published for org.springframework.security:spring-security-web (Maven) on Oct 28, 2024

Potential race conditions in IndexedDB could have caused memory corruption, leading to a...
Critical | Unreviewed | CVE-2024-10468 was published on Oct 29, 2024