GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
16 advisories
UAF vulnerability in the device node access module Impact: Successful exploitation of this...
Moderate, Unreviewed
CVE-2024-56434 was published Jan 8, 2025

In the Linux kernel, the following vulnerability has been resolved: virtio_net: correct...
Moderate, Unreviewed
CVE-2024-56674 was published Dec 27, 2024

In the Linux kernel, the following vulnerability has been resolved: ACPI: battery: Fix possible...
Moderate, Unreviewed
CVE-2024-49955 was published Oct 21, 2024

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash caused...
Moderate, Unreviewed
CVE-2024-49953 was published Oct 21, 2024

Hyperledger Fabric does not verify request has a timestamp within the expected time window
Moderate
CVE-2024-45244 was published for github.com/hyperledger/fabric (Go) Aug 25, 2024

IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain...
Moderate, Unreviewed
CVE-2024-31893 was published May 22, 2024

IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain...
Moderate, Unreviewed
CVE-2024-31895 was published May 22, 2024

IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain...
Moderate, Unreviewed
CVE-2024-31894 was published May 22, 2024

A flaw was found in the QEMU Virtio PCI Bindings (hw/virtio/virtio-pci.c). An improper release...
Moderate, Unreviewed
CVE-2024-4693 was published May 14, 2024

Possibility to circumvent the invitation token expiry period
Moderate
CVE-2023-48220 was published for decidim (RubyGems) Feb 20, 2024

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in blockmason credit-protocol. It has...
Moderate, Unreviewed
CVE-2018-25098 was published Feb 4, 2024

Go package github.com/notaryproject/notation configured with permissive trust policies potentially susceptible to rollback attack from compromised registry
Moderate
CVE-2024-23332 was published for github.com/notaryproject/notation (Go) Jan 19, 2024

Pow Mnesia cache doesn't invalidate all expired keys on startup
Moderate
CVE-2023-42446 was published for pow (Erlang) Sep 19, 2023

User invites for Funkwhale v1.2.8 do not permanently expire after being used for signup and can...
Moderate, Unreviewed
CVE-2022-45292 was published Dec 10, 2022

A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo.
Moderate, Unreviewed
CVE-2021-42778 was published Apr 19, 2022

receiving subscription objects with deleted session
Moderate
CVE-2020-15270 was published for parse-server (npm) Oct 27, 2020