GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,370
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,749
Maven 4,978
npm 3,509
NuGet 609
pip 3,084
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,313

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

5 advisories

Filter by severity

Sort by

Least recently updated

Malicious Long Unicode filenames may cause a Multiple Application-level Denial of Service Critical

CVE-2024-32874 was published for frigate (pip) May 9, 2024

jcvi vulnerable to Configuration Injection due to unsanitized user input High

CVE-2023-35932 was published for jcvi (pip) Jun 23, 2023

mindsdb arbitrary file write when extracting a remotely retrieved Tarball High

CVE-2023-30620 was published for mindsdb (pip) Mar 30, 2023

Arbitrary file write in mindsdb when Extracting Tarballs retrieved from a remote location High

CVE-2022-23522 was published for mindsdb (pip) Mar 30, 2023

GuardDog vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package Moderate

CVE-2022-23530 was published for guarddog (pip) Dec 5, 2022

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

5 advisories