GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
120,704 advisories
Saia Burgess Controls (SBC) PCD through 2022-05-06 allows Authentication bypass. According to...
High | Unreviewed | CVE-2022-30319 | published Jul 29, 2022

Dell Secure Connect Gateway 5.20 contains an improper authentication vulnerability during the SRS...
High | Unreviewed | CVE-2024-22457 | published Mar 1, 2024

The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream,...
High | Unreviewed | CVE-2010-1866 | published May 17, 2022

The nodejs framework in OpenVPN Connect 3.0 through 3.4.3 (Windows)/3.4.7 (macOS) was not...
High | Unreviewed | CVE-2023-7245 | published Feb 20, 2024

CandidATS version 3.0.0 allows an external attacker to read arbitrary files from the server. This...
High | Unreviewed | CVE-2022-42745 | published Nov 4, 2022

An invalid free in mb_detect_order can cause the application to crash or potentially result in...
High | Unreviewed | CVE-2019-11930 | published May 24, 2022

Transient DOS in Multi-Mode Call Processor while processing UE policy container.
High | Unreviewed | CVE-2023-33057 | published Feb 6, 2024

Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the...
High | Unreviewed | CVE-2023-43520 | published Feb 6, 2024

Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the id...
High | Unreviewed | CVE-2024-25213 | published Feb 14, 2024

Transient DOS while processing 11AZ RTT management action frame received through OTA.
High | Unreviewed | CVE-2023-43523 | published Feb 6, 2024

Use after free in Network in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to...
High | Unreviewed | CVE-2024-1077 | published Jan 31, 2024

Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL.
High | Unreviewed | CVE-2023-43522 | published Feb 6, 2024

User can send a chat that contains an XSS opportunity that will then run when the chat is sent...
High | Unreviewed | CVE-2024-0435 | published Feb 26, 2024

Scrapy vulnerable to ReDoS via XMLFeedSpider
High | CVE-2024-1892 | published for scrapy (pip) | Feb 15, 2024

Memory corruption in Trusted Execution Environment while deinitializing an object used for...
High | Unreviewed | CVE-2023-33046 | published Feb 6, 2024

Potential buffer overflow in CBOR2 decoder
High | CVE-2024-26134 | published for cbor2 (pip) | Feb 21, 2024

Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the...
High | Unreviewed | CVE-2023-43519 | published Feb 6, 2024

Memory corruption while reading ACPI config through the user mode app.
High | Unreviewed | CVE-2023-43532 | published Feb 6, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-25928 | published Feb 23, 2024

python-multipart vulnerable to Content-Type Header ReDoS
High | CVE-2024-24762 | published for python-multipart (pip) | Feb 12, 2024

yast2-backup 2.14.2 through 2.16.6 on SUSE Linux and Novell Linux allows local users to gain...
High | Unreviewed | CVE-2008-4636 | published May 14, 2022

Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack...
High | Unreviewed | CVE-2024-1847 | published Feb 28, 2024

As a manager, you should not be able to modify a series of settings. In the UI this is indeed...
High | Unreviewed | CVE-2024-0439 | published Feb 26, 2024

Cross-Site Request Forgery vulnerability in SMA Cluster Controller, affecting version 01.05.01.R....
High | Unreviewed | CVE-2024-1889 | published Feb 26, 2024

orjson does not limit recursion for deeply nested JSON documents
High | CVE-2024-27454 | published for orjson (pip) | Feb 26, 2024
ProTip! Advisories are also available from the GraphQL API.