Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

63 advisories

Loading
Making URLs clickable and allowing them to be styled in DevTools in Google Chrome prior to 66.0... Moderate Unreviewed
CVE-2018-6112 was published May 13, 2022
An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code... High Unreviewed
CVE-2019-9616 was published May 13, 2022
A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic... Moderate Unreviewed
CVE-2019-0816 was published May 13, 2022
An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly... High Unreviewed
CVE-2019-0571 was published May 13, 2022
A vulnerability in the file type detection mechanism of the Cisco Advanced Malware Protection ... Moderate Unreviewed
CVE-2018-0237 was published May 13, 2022
An issue was discovered in WTCMS 1.0. It allows remote attackers to execute arbitrary PHP code by... Critical Unreviewed
CVE-2019-8908 was published May 13, 2022
MyWebSQL 3.7 has a remote code execution (RCE) vulnerability after an attacker writes shell code... Critical Unreviewed
CVE-2019-7731 was published May 13, 2022
mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and... High Unreviewed
CVE-2018-12020 was published May 13, 2022
Improper Resolution of Path Equivalence in GitHub repository microweber-dev/whmcs_plugin prior to... Moderate Unreviewed
CVE-2022-0855 was published Mar 5, 2022
Istio Fragments in Path May Lead to Authorization Policy Bypass High
CVE-2021-39156 was published for istio.io/istio (Go) Aug 30, 2021
yangminzhu
Unaligned references in Obstack High
CVE-2020-35894 was published for obstack (Rust) Aug 25, 2021
opencontainers runc contains procfs race condition with a shared volume mount Moderate
CVE-2019-19921 was published for github.com/opencontainers/runc (Go) May 27, 2021
Information Disclosure in Apache Tomcat Moderate
CVE-2021-24122 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) May 13, 2021
sunSUNQ
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database