Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
Prototype Pollution in lodash Moderate
CVE-2018-3721 was published for lodash (RubyGems) Jul 26, 2018
G-Rath
Prototype Pollution in highlight.js Moderate
CVE-2020-26237 was published for highlight.js (npm) Nov 24, 2020
turt2live allejo
joshgoebel
Prototype Pollution in systeminformation Moderate
CVE-2020-26245 was published for systeminformation (npm) Nov 27, 2020
Write to immutable memory region in TensorFlow Moderate
CVE-2020-26268 was published for tensorflow (pip) Dec 10, 2020
Moodle Allows Modification of Constants Moderate
CVE-2011-4301 was published for moodle/moodle (Composer) May 13, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). An... Moderate Unreviewed
CVE-2021-37193 was published May 24, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2).... Moderate Unreviewed
CVE-2021-37177 was published May 24, 2022
An attacker could prepare a specially crafted project file that, if opened, would attempt to... Moderate Unreviewed
CVE-2021-42701 was published May 24, 2022
Google Play Services SDK leads to apps having incorrectly set mutability flag Moderate
CVE-2022-2390 was published for com.google.android.gms:play-services-basement (Maven) Aug 13, 2022
A branch/tag name confusion in GitLab CE/EE affecting all versions prior to 15.2.5, 15.3 prior to... Moderate Unreviewed
CVE-2022-3288 was published Oct 17, 2022
Modification of Assumed-Immutable Data (MAID) in RDT400 in SICK APU allows an unprivileged... Moderate Unreviewed
CVE-2023-43697 was published Oct 9, 2023
Neo4j Cypher component mishandles IMMUTABLE privileges Moderate
CVE-2024-34517 was published for org.neo4j:neo4j-cypher (Maven) May 7, 2024
irene221b
IBM QRadar WinCollect Agent 10.0.0 through 10.1.12 could allow a remote attacker to inject XML... Moderate Unreviewed
CVE-2024-51462 was published Jan 17, 2025
IBM Security Verify Bridge 1.0.0 through 1.0.15 could allow a local privileged user to overwrite... Moderate Unreviewed
CVE-2024-45672 was published Jan 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database