GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
16 advisories
Filter by severity
A Remote Code Execution vulnerability in lmgrd and vendor daemon components of FlexNet Publisher...
Critical
Unreviewed
CVE-2018-20033
was published
May 13, 2022
A vulnerability in the Play Framework of Cisco Elastic Services Controller (ESC) could allow an...
Critical
Unreviewed
CVE-2017-6713
was published
May 13, 2022
A vulnerability in Cisco Prime Data Center Network Manager (DCNM) Software could allow an...
Critical
Unreviewed
CVE-2017-6640
was published
May 13, 2022
Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to...
Critical
Unreviewed
CVE-2022-29776
was published
Jun 3, 2022
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution...
Critical
Unreviewed
CVE-2023-0568
was published
Feb 16, 2023
A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0...
Critical
Unreviewed
CVE-2022-29503
was published
Sep 30, 2022
As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port...
Critical
Unreviewed
CVE-2023-43632
was published
Sep 21, 2023
OpenStack os-vif Ageing time of 0 disables linuxbridge MAC learning
Critical
CVE-2019-15753
was published
for
os-vif
(pip)
May 24, 2022
Malicious Long Unicode filenames may cause a Multiple Application-level Denial of Service
Critical
CVE-2024-32874
was published
for
frigate
(pip)
May 9, 2024
ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps...
Critical
Unreviewed
CVE-2024-44083
was published
Aug 19, 2024
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers...
Critical
Unreviewed
CVE-2021-42142
was published
Jan 24, 2024
Spring Security vulnerable to Authorization Bypass of Static Resources in WebFlux Applications
Critical
CVE-2024-38821
was published
for
org.springframework.security:spring-security-web
(Maven)
Oct 28, 2024
Potential race conditions in IndexedDB could have caused memory corruption, leading to a...
Critical
Unreviewed
CVE-2024-10468
was published
Oct 29, 2024
Improper resource initialization handling in firmware of some Solidigm DC Products may allow an...
Critical
Unreviewed
CVE-2024-47967
was published
Oct 7, 2024
The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS...
Critical
Unreviewed
CVE-2024-44241
was published
Dec 12, 2024
ProTip!
Advisories are also available from the
GraphQL API