GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
18 advisories
Filter by severity
libxmljs vulnerable to type confusion when parsing specially crafted XML
High
CVE-2024-34391
was published
for
libxmljs
(npm)
May 2, 2024
eyre: Parts of Report are dropped as the wrong type during downcast
High
GHSA-4v52-7q2x-v4xj
was published
for
eyre
(Rust)
Apr 5, 2024
Duplicate advisory: Sequelize - Unsafe fall-through in getWhereConditions
High
GHSA-r3vq-92c6-3mqf
was published
for
@sequelize/core
(npm)
Feb 16, 2023
•
withdrawn
Vulnerable OpenSSL included in cryptography wheels
High
CVE-2023-0286
was published
for
cryptography
(pip)
Feb 8, 2023
Nokogiri implementation of libxslt vulnerable to heap corruption
High
CVE-2019-5815
was published
for
nokogiri
(RubyGems)
May 24, 2022
libxslt Type Confusion vulnerability that affects Nokogiri
High
CVE-2019-13118
was published
for
nokogiri
(RubyGems)
May 24, 2022
Nokogiri Improperly Handles Unexpected Data Type
High
CVE-2022-29181
was published
for
nokogiri
(RubyGems)
May 23, 2022
ChakraCore RCE Vulnerability
High
CVE-2016-7201
was published
for
Microsoft.ChakraCore
(NuGet)
May 14, 2022
ChakraCore RCE Vulnerability
High
CVE-2018-8384
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
ChakraCore RCE Vulnerability
High
CVE-2018-8291
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
ChakraCore RCE Vulnerability
High
CVE-2018-8298
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
ChakraCore RCE Vulnerability
High
CVE-2018-8229
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
ChakraCore RCE Vulnerability
High
CVE-2018-8133
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
Type Confusion in LiveHelperChat
High
CVE-2022-1176
was published
for
remdex/livehelperchat
(Composer)
Apr 1, 2022
Type confusion leading to segfault in Tensorflow
High
CVE-2022-21731
was published
for
tensorflow
(pip)
Feb 10, 2022
ProTip!
Advisories are also available from the
GraphQL API