Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

28 advisories

Loading
Improper Control of a Resource Through its Lifetime in Mattermost Moderate
CVE-2022-1385 was published for github.com/mattermost/mattermost-server/v6 (Go) Apr 20, 2022
The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and... High Unreviewed
CVE-2016-8763 was published May 17, 2022
Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a... High Unreviewed
CVE-2019-5816 was published May 24, 2022
Dell PowerScale OneFS versions 8.2.x-9.4.x contain an uncontrolled resource consumption... Moderate Unreviewed
CVE-2023-25942 was published Apr 4, 2023
A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could... Low Unreviewed
CVE-2020-3504 was published May 24, 2022
In RubyGem excon, interrupted Persistent Connections May Leak Response Data Moderate
CVE-2019-16779 was published for excon (RubyGems) Dec 16, 2019
A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense (FTD)... Moderate Unreviewed
CVE-2022-20748 was published May 4, 2022
Unauthenticated remote arbitrary code execution Critical Unreviewed
CVE-2022-27518 was published Dec 13, 2022
Dell PowerScale OneFS versions 8.2.2.x through 9.6.0.x contains an improper control of a... Moderate Unreviewed
CVE-2023-44295 was published Dec 5, 2023
Dell PowerScale OneFS, 8.2.2.x through 9.6.0.x, contains an improper control of a resource... High Unreviewed
CVE-2023-44288 was published Dec 5, 2023
Micronaut management endpoints vulnerable to drive-by localhost attack Moderate
CVE-2024-23639 was published for io.micronaut:micronaut-http-server (Maven) Feb 9, 2024
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an... Moderate Unreviewed
CVE-2024-37139 was published Jun 26, 2024
plugins/gtk+/glade-gtk-box.c in GNOME Glade before 3.38.1 and 3.39.x before 3.40.0 mishandles... Moderate Unreviewed
CVE-2020-36774 was published Feb 19, 2024
A mishandling of IRP requests vulnerability exists in the HDAudBus_DMA interface of Microsoft... Moderate Unreviewed
CVE-2024-45383 was published Sep 12, 2024
Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix... High Unreviewed
CVE-2024-7889 was published Sep 12, 2024
OpenZeppelin Contracts for Cairo account cannot process transactions on Goerli Moderate
CVE-2022-31153 was published for openzeppelin-cairo-contracts (pip) Jul 15, 2022
An Improper Control of a Resource Through its Lifetime vulnerability in the routing protocol... High Unreviewed
CVE-2025-21593 was published Jan 9, 2025
A vulnerability has been identified in SCALANCE SC622-2C (All versions < V2.3), SCALANCE SC622-2C... Moderate Unreviewed
CVE-2022-46144 was published Dec 13, 2022
A logic issue was addressed with improved state management. This issue is fixed in Apple Music 3... High Unreviewed
CVE-2022-32846 was published Feb 27, 2023
Resource reuse vulnerability in the GPU module. Successful exploitation of this vulnerability may... High Unreviewed
CVE-2023-52387 was published Feb 18, 2024
Tokio broadcast channel calls clone in parallel, but does not require `Sync` Low
GHSA-rr8g-9fpq-6wmg was published for tokio (Rust) Apr 7, 2025
In unusual circumstances, selecting text could cause text selection caching to behave incorrectly... Moderate Unreviewed
CVE-2022-28287 was published Dec 22, 2022
linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked... Moderate Unreviewed
CVE-2024-22365 was published Feb 6, 2024
Apache Zeppelin exposes server resources to unauthenticated attackers High
CVE-2024-41169 was published for org.apache.zeppelin:zeppelin-interpreter (Maven) Jul 12, 2025
Iterator failure issue in the multi-mode input module. Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2025-54619 was published Aug 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database