Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

137,186 advisories

Loading
Jinjava calls getClass Moderate
CVE-2018-18893 was published for com.hubspot.jinjava:jinjava (Maven) Jan 4, 2019
Microsoft.ChakraCore vulnerable to Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2019-0746 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
System.Management.Automation subject to bypass via script debugging Moderate
CVE-2019-1167 was published for System.Management.Automation (NuGet) Jul 17, 2019
Cross-site Scripting and Open Redirect in Products.CMFPlone Moderate
GHSA-8w54-22w9-3g8f was published for Products.CMFPlone (pip) Jan 28, 2022
Permissive parameters and privilege escalation Moderate
CVE-2018-20301 was published for coherence (Erlang) Feb 10, 2022
Cross-site Scripting and Open Redirect in plone.app.contenttypes Moderate
GHSA-f7qw-5fgj-247x was published for plone.app.contenttypes (pip) Feb 1, 2022
Integer Overflow or Wraparound in TensorFlow Moderate
GHSA-wcv5-vrvr-3rx2 was published for tensorflow (pip) Feb 9, 2022
User object created with invalid provider data in GoTrue Moderate
GHSA-wpfr-6297-9v57 was published for github.com/netlify/gotrue (Go) Feb 9, 2022
Possible filesystem space exhaustion by local users Moderate
GHSA-chxf-fjcf-7fwp was published for github.com/google/fscrypt (Go) Mar 1, 2022
mgerstner
Multiple security issues in Pomerium's embedded envoy Moderate
GHSA-j34v-3552-5r7j was published for github.com/pomerium/pomerium (Go) Mar 1, 2022
Improper regex in htaccess file Moderate
CVE-2022-25769 was published for mautic/core (Composer) Mar 1, 2022
mollux
Improper random number generation in github.com/coredns/coredns Moderate
GHSA-gv9j-4w24-q7vx was published for github.com/coredns/coredns (Go) Mar 1, 2022
Denial of service via insufficient metadata validation Moderate
GHSA-p93v-m2r2-4387 was published for github.com/google/fscrypt (Go) Mar 1, 2022
mgerstner
Possible privilege escalation via bash completion script Moderate
GHSA-w4f8-fxq2-j35v was published for github.com/google/fscrypt (Go) Mar 1, 2022
mgerstner
Partial read is incorrect in molecule Moderate
GHSA-82hm-vh7g-hrh9 was published for molecule (Rust) Aug 25, 2021
Uncaught Exception in libpulse-binding Moderate
GHSA-wcxc-jf6c-8rx9 was published for libpulse-binding (Rust) Aug 25, 2021
smallvec creates uninitialized value of any type Moderate
GHSA-66p5-j55p-32r9 was published for smallvec (Rust) Aug 25, 2021
Improper synchronization in buttplug Moderate
CVE-2020-36218 was published for buttplug (Rust) Aug 25, 2021
HTTP Request Smuggling in hyper Moderate
CVE-2021-21299 was published for hyper (Rust) Aug 25, 2021
ZeddYu
Compiler optimisation leads to SEGFAULT Moderate
GHSA-r6ff-2q3c-v3pv was published for pnet (Rust) Aug 25, 2021
Data races in concread Moderate
CVE-2020-35928 was published for concread (Rust) Aug 25, 2021
SSRF in repository migration Moderate
GHSA-q347-cg56-pcq4 was published for gogs.io/gogs (Go) Mar 14, 2022
michaellrowley
Sysctls applied to containers with host IPC or host network namespaces can affect the host Moderate
GHSA-w2j5-3rcx-vx7x was published for github.com/cri-o/cri-o (Go) Mar 15, 2022
haircommander
Multiple memory safety issues in actix-web Moderate
GHSA-w65j-g6c7-g3m4 was published for actix-web (Rust) Aug 25, 2021
Possibility for Denial of Service by overwriting PHP files with language exports Moderate
GHSA-3fvf-2gp4-89wq was published for barryvdh/laravel-translation-manager (Composer) Mar 18, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database