GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
41 advisories
Filter by severity
SurrealDB has an Uncaught Exception Handling Parsing Errors on Empty Strings
High
GHSA-qjrv-v6qp-x99x
was published
for
surrealdb
(Rust)
Oct 8, 2024
Denial of Service in TYPO3 Bookmark Toolbar
Low
CVE-2024-34537
was published
for
typo3/cms-backend
(Composer)
Oct 8, 2024
Boa has an uncaught exception when transitioning the state of `AsyncGenerator` objects
High
CVE-2024-43367
was published
for
boa_engine
(Rust)
Aug 14, 2024
panic on parsing crafted phonenumber inputs
High
CVE-2024-39697
was published
for
phonenumber
(Rust)
Jul 9, 2024
Panic when parsing invalid palette-color images in golang.org/x/image
High
CVE-2024-24792
was published
for
golang.org/x/image
(Go)
Jun 26, 2024
@strapi/plugin-upload has a Denial-of-Service via Improper Exception Handling
Moderate
CVE-2024-31217
was published
for
@strapi/plugin-upload
(npm)
Jun 12, 2024
Elasticsearch Uncaught Exception leading to crash
Moderate
CVE-2024-23449
was published
for
org.elasticsearch:elasticsearch
(Maven)
Mar 29, 2024
Uncaught Exception in Macro Expecting Native Function to Exist
Moderate
GHSA-6wr5-jmpr-mjcx
was published
for
surrealdb
(Rust)
Feb 21, 2024
Uncaught Exception Handling Parsing Errors on Line Terminators
Moderate
GHSA-8xff-473h-f863
was published
for
surrealdb
(Rust)
Feb 21, 2024
Uncaught Exception in surrealdb
Moderate
GHSA-jm4v-58r5-66hj
was published
for
surrealdb
(Rust)
Jan 18, 2024
quic-go vulnerable to pointer dereference that can lead to panic
High
CVE-2023-46239
was published
for
github.com/quic-go/quic-go
(Go)
Oct 30, 2023
stellar-strkey vulnerable to panic in SignedPayload::from_payload
Moderate
CVE-2023-46135
was published
for
stellar-strkey
(Rust)
Oct 25, 2023
phonenumber panics on parsing crafted RFC3966 inputs
High
CVE-2023-42444
was published
for
phonenumber
(Rust)
Sep 21, 2023
Denial of Service Vulnerability in gRPC TCP Server (Posix-compatible platforms)
High
CVE-2023-4785
was published
for
grpc
(RubyGems)
Sep 13, 2023
json2xml Uncaught Exception vulnerability
High
CVE-2022-25024
was published
for
json2xml
(pip)
Aug 23, 2023
DoS vulnerability for apps with sockets enabled
High
CVE-2023-38504
was published
for
sails
(npm)
Jul 27, 2023
engine.io Uncaught Exception vulnerability
Moderate
CVE-2023-31125
was published
for
engine.io
(npm)
May 3, 2023
XWiki Platform vulnerable to page render failure due to broken translations
Moderate
CVE-2023-29520
was published
for
org.xwiki.platform:xwiki-platform-localization-source-wiki
(Maven)
Apr 20, 2023
Uncaught Exception in thorsten/phpmyfaq
High
CVE-2023-0790
was published
for
thorsten/phpmyfaq
(Composer)
Feb 12, 2023
mercurius has Uncaught Exception when using subscriptions
Moderate
CVE-2023-22477
was published
for
mercurius
(npm)
Jan 9, 2023
Uncaught exception in engine.io
Moderate
CVE-2022-41940
was published
for
engine.io
(npm)
Nov 21, 2022
fastify/websocket vulnerable to uncaught exception via crash on malformed packet
High
CVE-2022-39386
was published
for
@fastify/websocket
(npm)
Nov 7, 2022
Keylime: unhandled exceptions could lead to invalid attestation states
High
CVE-2022-3500
was published
for
Keylime
(pip)
Oct 28, 2022
Unexpected server crash in Next.js
Moderate
CVE-2022-36046
was published
for
next
(npm)
Aug 30, 2022
ProTip!
Advisories are also available from the
GraphQL API