Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

11 advisories

Loading
ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps... Critical Unreviewed
CVE-2024-44083 was published Aug 19, 2024
Malicious Long Unicode filenames may cause a Multiple Application-level Denial of Service Critical
CVE-2024-32874 was published for frigate (pip) May 9, 2024
Sim4n6
As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port... Critical Unreviewed
CVE-2023-43632 was published Sep 21, 2023
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution... Critical Unreviewed
CVE-2023-0568 was published Feb 16, 2023
Missing rate limit on rdiffweb Critical
CVE-2022-3439 was published for rdiffweb (pip) Oct 14, 2022
A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0... Critical Unreviewed
CVE-2022-29503 was published Sep 30, 2022
Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to... Critical Unreviewed
CVE-2022-29776 was published Jun 3, 2022
OpenStack os-vif Ageing time of 0 disables linuxbridge MAC learning Critical
CVE-2019-15753 was published for os-vif (pip) May 24, 2022
A vulnerability in Cisco Prime Data Center Network Manager (DCNM) Software could allow an... Critical Unreviewed
CVE-2017-6640 was published May 13, 2022
A vulnerability in the Play Framework of Cisco Elastic Services Controller (ESC) could allow an... Critical Unreviewed
CVE-2017-6713 was published May 13, 2022
A Remote Code Execution vulnerability in lmgrd and vendor daemon components of FlexNet Publisher... Critical Unreviewed
CVE-2018-20033 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API