GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
27 advisories
Filter by severity
A vulnerability in Cisco IOS Software for Cisco Catalyst 6000 Series Switches could allow an...
High
Unreviewed
CVE-2024-20276
was published
Mar 27, 2024
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets...
High
Unreviewed
CVE-2023-3966
was published
Feb 22, 2024
Uncaught exception for some Intel Unison software may allow an authenticated user to potentially...
High
Unreviewed
CVE-2023-22292
was published
Nov 14, 2023
A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and...
High
Unreviewed
CVE-2023-20086
was published
Nov 1, 2023
quic-go vulnerable to pointer dereference that can lead to panic
High
CVE-2023-46239
was published
for
github.com/quic-go/quic-go
(Go)
Oct 30, 2023
phonenumber panics on parsing crafted RFC3966 inputs
High
CVE-2023-42444
was published
for
phonenumber
(Rust)
Sep 21, 2023
Denial of Service Vulnerability in gRPC TCP Server (Posix-compatible platforms)
High
CVE-2023-4785
was published
for
grpc
(RubyGems)
Sep 13, 2023
json2xml Uncaught Exception vulnerability
High
CVE-2022-25024
was published
for
json2xml
(pip)
Aug 23, 2023
DoS vulnerability for apps with sockets enabled
High
CVE-2023-38504
was published
for
sails
(npm)
Jul 27, 2023
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ...
High
Unreviewed
CVE-2023-22941
was published
Jul 6, 2023
Vulnerability of failures to capture exceptions in the communication framework. Successful...
High
Unreviewed
CVE-2023-1691
was published
Jul 6, 2023
Unchecked parameter value in M-Files Server in versions before 23.6.12695.3 (excluding 23.2 SR2...
High
Unreviewed
CVE-2023-3405
was published
Jun 27, 2023
Uncaught Exception in thorsten/phpmyfaq
High
CVE-2023-0790
was published
for
thorsten/phpmyfaq
(Composer)
Feb 12, 2023
fastify/websocket vulnerable to uncaught exception via crash on malformed packet
High
CVE-2022-39386
was published
for
@fastify/websocket
(npm)
Nov 7, 2022
A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are...
High
Unreviewed
CVE-2022-20919
was published
Oct 1, 2022
A vulnerability has been identified in SIMATIC ET 200SP Open Controller (incl. SIPLUS variants) ...
High
Unreviewed
CVE-2020-15796
was published
May 24, 2022
Crash when decoding malformed HTTP requests or malformed JSON payload
High
CVE-2018-1330
was published
for
org.apache.mesos:mesos
(Maven)
May 14, 2022
A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP...
High
Unreviewed
CVE-2019-6575
was published
May 13, 2022
Denial-of-Service when binding invalid parameters in sqlite3
High
CVE-2022-21227
was published
for
sqlite3
(npm)
Apr 28, 2022
Denial of Service vulnerability in @podium/layout and @podium/proxy
High
CVE-2022-24822
was published
for
@podium/layout
(npm)
Apr 7, 2022
DOS and Open Redirect with user input
High
CVE-2021-22964
was published
for
fastify-static
(npm)
Oct 12, 2021
Uncaught Exception in jsoup
High
CVE-2021-37714
was published
for
org.jsoup:jsoup
(Maven)
Aug 23, 2021
ProTip!
Advisories are also available from the
GraphQL API