GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
80 advisories
Filter by severity
Denial of Service in sequelize
Moderate
GHSA-fw4p-36j9-rrj3
was published
for
sequelize
(npm)
Sep 3, 2020
Uncaught Exception leading to Denial of Service in json-sanitizer
High
CVE-2021-23900
was published
for
com.mikesamuel:json-sanitizer
(Maven)
May 13, 2021
Uncaught Exception in jsoup
High
CVE-2021-37714
was published
for
org.jsoup:jsoup
(Maven)
Aug 23, 2021
Uncaught Exception in libpulse-binding
Moderate
GHSA-wcxc-jf6c-8rx9
was published
for
libpulse-binding
(Rust)
Aug 25, 2021
Denial of Service in node-static
Moderate
GHSA-8r4g-cg4m-x23c
was published
for
node-static
(npm)
Sep 22, 2021
DOS and Open Redirect with user input
High
CVE-2021-22964
was published
for
fastify-static
(npm)
Oct 12, 2021
Uncaught Exception in zip4j
Moderate
CVE-2022-24615
was published
for
net.lingala.zip4j:zip4j
(Maven)
Feb 25, 2022
Denial of Service vulnerability in @podium/layout and @podium/proxy
High
CVE-2022-24822
was published
for
@podium/layout
(npm)
Apr 7, 2022
Denial-of-Service when binding invalid parameters in sqlite3
High
CVE-2022-21227
was published
for
sqlite3
(npm)
Apr 28, 2022
A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP...
High
Unreviewed
CVE-2019-6575
was published
May 13, 2022
Crash when decoding malformed HTTP requests or malformed JSON payload
High
CVE-2018-1330
was published
for
org.apache.mesos:mesos
(Maven)
May 14, 2022
Undertow Uncaught Exception vulnerability
Moderate
CVE-2016-7046
was published
for
io.undertow:undertow-core
(Maven)
May 17, 2022
It was found in AMQ Online before 1.5.2 that injecting an invalid field to a user's AddressSpace...
Moderate
Unreviewed
CVE-2020-14348
was published
May 24, 2022
A vulnerability has been identified in SIMATIC ET 200SP Open Controller (incl. SIPLUS variants) ...
High
Unreviewed
CVE-2020-15796
was published
May 24, 2022
Camaleon CMS vulnerable to Uncaught Exception
Moderate
CVE-2021-25971
was published
for
camaleon_cms
(RubyGems)
May 24, 2022
Uncaught Exception (due to a data race) leads to process termination in Waitress
High
CVE-2022-31015
was published
for
waitress
(pip)
Jun 2, 2022
Unexpected server crash in Next.js
Moderate
CVE-2022-36046
was published
for
next
(npm)
Aug 30, 2022
A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are...
High
Unreviewed
CVE-2022-20919
was published
Oct 1, 2022
Keylime: unhandled exceptions could lead to invalid attestation states
High
CVE-2022-3500
was published
for
Keylime
(pip)
Oct 28, 2022
fastify/websocket vulnerable to uncaught exception via crash on malformed packet
High
CVE-2022-39386
was published
for
@fastify/websocket
(npm)
Nov 7, 2022
Uncaught exception in engine.io
Moderate
CVE-2022-41940
was published
for
engine.io
(npm)
Nov 21, 2022
mercurius has Uncaught Exception when using subscriptions
Moderate
CVE-2023-22477
was published
for
mercurius
(npm)
Jan 9, 2023
ProTip!
Advisories are also available from the
GraphQL API