Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
46
Go
3,272
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,521
Pub
12
RubyGems
1,007
Rust
1,194
Swift
51
Unreviewed advisories
All unreviewed
5,000+

5 advisories

Loading
Valid ECDSA signatures erroneously rejected in Elliptic Low
CVE-2024-48948 was published for elliptic (npm) Oct 15, 2024
martincostello Credited to martincostello, IchordeDionysos, and tal-sealsecurity IchordeDionysos IchordeDionysos
tal-sealsecurity tal-sealsecurity
gRPC Reachable Assertion issue High
CVE-2023-1428 was published for grpc (RubyGems) Jul 6, 2023
jonasfj Credited to jonasfj and tal-sealsecurity tal-sealsecurity tal-sealsecurity
gRPC connection termination issue Moderate
CVE-2023-32732 was published for grpc (RubyGems) Jul 6, 2023
jonasfj Credited to jonasfj and tal-sealsecurity tal-sealsecurity tal-sealsecurity
Connection confusion in gRPC High
CVE-2023-32731 was published for grpc (RubyGems) Jul 5, 2023
jmatosgrafana Credited to jmatosgrafana, picatz, jonasfj, and tal-sealsecurity picatz picatz
jonasfj jonasfj tal-sealsecurity tal-sealsecurity
Apache Axis allows Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2007-2353 was published for org.apache.axis:axis (Maven) May 1, 2022
tal-sealsecurity Credited to tal-sealsecurity
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database