Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,062
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,622
NuGet
638
pip
3,233
Pub
10
RubyGems
857
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

20 advisories

Loading
A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco IOS XE Software for Wireless... High Unreviewed
CVE-2024-20303 was published Mar 27, 2024
Apache Struts Improper Control of Dynamically-Managed Code Resources vulnerability High
CVE-2023-41835 was published for org.apache.struts:struts2-core (Maven) Dec 5, 2023
A double-free flaw was found in the Linux kernel’s NTFS3 subsystem in how a user triggers remount... High Unreviewed
CVE-2022-3238 was published Jul 6, 2023
An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4... High Unreviewed
CVE-2023-0836 was published Mar 29, 2023
Local privilege escalation due to incomplete uninstallation cleanup. The following products are... High Unreviewed
CVE-2022-45455 was published Feb 13, 2023
Xenstore: Guests can get access to Xenstore nodes of deleted domains Access rights of Xenstore... High Unreviewed
CVE-2022-42320 was published Nov 1, 2022
Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially... High Unreviewed
CVE-2020-24489 was published May 24, 2022
There is an unsafe incomplete reset of PATH in OpenDoas 6.6 through 6.8 when changing the user... High Unreviewed
CVE-2019-25016 was published May 24, 2022
Flarum mishandles invalidation of user email tokens High
CVE-2019-11514 was published for flarum/flarum (Composer) May 24, 2022
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS... High Unreviewed
CVE-2018-19961 was published May 13, 2022
An issue was discovered in chan_skinny.c in Asterisk Open Source 13.18.2 and older, 14.7.2 and... High Unreviewed
CVE-2017-17090 was published May 13, 2022
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe... High Unreviewed
CVE-2017-0303 was published May 13, 2022
The image-upload feature in ProjeQtOr 7.2.5 allows remote attackers to execute arbitrary code by... High Unreviewed
CVE-2018-18924 was published May 13, 2022
Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping... High Unreviewed
CVE-2018-18281 was published May 13, 2022
Resource leakage when decoding certificates and keys High
CVE-2022-1473 was published for openssl-src (Rust) May 4, 2022
pinkforest
BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when... High Unreviewed
CVE-2005-1744 was published May 1, 2022
A flaw use after free in the Linux kernel Management Component Transport Protocol (MCTP)... High Unreviewed
CVE-2022-0646 was published Feb 19, 2022
There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this... High Unreviewed
CVE-2021-37092 was published Dec 9, 2021
There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this... High Unreviewed
CVE-2021-37080 was published Dec 8, 2021
There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this... High Unreviewed
CVE-2021-37089 was published Dec 8, 2021
ProTip! Advisories are also available from the GraphQL API