Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

231 advisories

Loading
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The... High Unreviewed
CVE-2023-49131 was published Jan 9, 2024
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The... High Unreviewed
CVE-2023-49132 was published Jan 9, 2024
A user able to control file input to Gerbv, between versions 2.4.0 and 2.10.0, can cause a crash... Moderate Unreviewed
CVE-2023-4508 was published Aug 25, 2023
The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows local users to gain privileges... High Unreviewed
CVE-2007-1213 was published May 1, 2022
The LDAP server (ns-slapd) in Sun Java System Directory Server 5.2 Patch4 and earlier and ONE... High Unreviewed
CVE-2006-4175 was published May 1, 2022
The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos... High Unreviewed
CVE-2007-4000 was published May 1, 2022
The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos... High Unreviewed
CVE-2006-6143 was published May 1, 2022
The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime... High Unreviewed
CVE-2009-0846 was published May 2, 2022
lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not properly handle invalid DSA... Moderate Unreviewed
CVE-2009-1415 was published May 2, 2022
The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1... Moderate Unreviewed
CVE-2009-1721 was published May 2, 2022
A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected... High Unreviewed
CVE-2024-24925 was published Feb 13, 2024
ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDAP 2.1.12 and earlier, when... Moderate Unreviewed
CVE-2003-1201 was published Apr 29, 2022
EnterpriseDB Advanced Server 8.2 does not properly handle certain debugging function calls that... Moderate Unreviewed
CVE-2007-4639 was published May 1, 2022
CoreText in Apple Mac OS X 10.4 through 10.4.10 allows attackers to cause a denial of service ... Moderate Unreviewed
CVE-2007-4682 was published May 1, 2022
Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri... Moderate Unreviewed
CVE-2021-29095 was published May 24, 2022
An unauthenticated remote attacker can DoS a control agent due to access of a uninitialized... High Unreviewed
CVE-2024-26004 was published Mar 12, 2024
An uninitialized pointer in Rockwell Automation Arena Simulation software could potentially... High Unreviewed
CVE-2024-21919 was published Mar 26, 2024
** DISPUTED ** A vulnerability was found in ewxrjk sftpserver. It has been declared as... Critical Unreviewed
CVE-2020-36617 was published Dec 18, 2022
A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating... High Unreviewed
CVE-2019-1869 was published May 24, 2022
An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86,... High Unreviewed
CVE-2019-12870 was published May 24, 2022
In Rockwell Automation Arena Simulation Software Cat. 9502-Ax, Versions 16.00.00 and earlier, a... High Unreviewed
CVE-2019-13527 was published May 24, 2022
Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an Access of Uninitialized... High Unreviewed
CVE-2023-29278 was published May 12, 2023
Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an Access of Uninitialized... Moderate Unreviewed
CVE-2023-29286 was published May 12, 2023
A malicious actor may convince a user to open a malicious USD file that may trigger an... High Unreviewed
CVE-2023-25007 was published May 12, 2023
The affected product does not properly validate user-supplied data. If a user... High Unreviewed
CVE-2023-31244 was published Jun 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database