Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,074
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

1,781 advisories

Loading
Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability High
CVE-2024-56337 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Dec 20, 2024
greengeko
Spring Framework Path Traversal vulnerability High
CVE-2024-38819 was published for org.springframework:spring-webflux (Maven) Dec 19, 2024
Apache Hadoop allows local user to gain root privileges High
CVE-2023-26031 was published for org.apache.hadoop:hadoop-yarn-project (Maven) Nov 16, 2023
vulnerability-analyst anonymous-nlp-student
android-gif-drawable Double Free vulnerability High
CVE-2019-11932 was published for pl.droidsonroids.gif:android-gif-drawable (Maven) May 24, 2022
Marcono1234
android-gif-drawable vulerable to denial of service due to unrestricted comment length High
CVE-2022-23435 was published for pl.droidsonroids.gif:android-gif-drawable (Maven) Jan 20, 2022
Marcono1234
Privilege escalation in XXL-Job High
CVE-2023-33779 was published for com.xuxueli:xxl-job (Maven) May 26, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database