Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,029
Erlang
29
GitHub Actions
16
Go
1,832
Maven
5,000+
npm
3,573
NuGet
632
pip
3,160
Pub
10
RubyGems
847
Rust
797
Swift
34
Unreviewed advisories
All unreviewed
5,000+

9 advisories

Loading
A vulnerability, which was classified as critical, was found in soshtolsus wing-tight. This... Critical Unreviewed
CVE-2014-125044 was published Jan 5, 2023
A vulnerability, which was classified as problematic, has been found in sternenseemann... Critical Unreviewed
CVE-2014-125059 was published Jan 7, 2023
There are multiple API function codes that permit reading and writing data to or from files and... Critical Unreviewed
CVE-2021-38477 was published May 24, 2022
External Control of File Name or Path in h2oai/h2o-3 Critical
CVE-2023-6569 was published for h2o (pip) Dec 14, 2023
A local file inclusion vulnerability exists in the getLanguageFromBrowser functionality of WWBN... Critical Unreviewed
CVE-2023-47862 was published Jan 10, 2024
Dompdf's usage of vulnerable version of phenx/php-svg-lib leads to restriction bypass and potential RCE Critical
GHSA-97m3-52wr-xvv2 was published for phenx/php-svg-lib (Composer) Feb 22, 2024
Blaklis ErwanGuillon
bsweeney
The Media Library Assistant plugin for WordPress is vulnerable to Local File Inclusion and Remote... Critical Unreviewed
CVE-2023-4634 was published Sep 6, 2023
NVIDIA Triton Inference Server for Linux contains a vulnerability where a user can set the... Critical Unreviewed
CVE-2024-0087 was published May 14, 2024
An issue in Advanced Plugins reportsstatistics v1.3.20 and before allows a remote attacker to... Critical Unreviewed
CVE-2024-28394 was published Mar 20, 2024
ProTip! Advisories are also available from the GraphQL API