GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
28 advisories
Filter by severity
Panic when parsing invalid palette-color images in golang.org/x/image
Moderate
CVE-2024-24792
was published
for
golang.org/x/image
(Go)
Jun 26, 2024
@strapi/plugin-upload has a Denial-of-Service via Improper Exception Handling
Moderate
CVE-2024-31217
was published
for
@strapi/plugin-upload
(npm)
Jun 12, 2024
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 integration...
Moderate
Unreviewed
CVE-2024-31904
was published
May 22, 2024
Denial of service (DoS) vulnerability in the AMS module
Impact: Successful exploitation of this...
Moderate
Unreviewed
CVE-2024-32995
was published
May 14, 2024
Elasticsearch Uncaught Exception leading to crash
Moderate
CVE-2024-23449
was published
for
org.elasticsearch:elasticsearch
(Maven)
Mar 29, 2024
A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to...
Moderate
Unreviewed
CVE-2024-28835
was published
Mar 21, 2024
Uncaught Exception in Macro Expecting Native Function to Exist
Moderate
GHSA-6wr5-jmpr-mjcx
was published
for
surrealdb
(Rust)
Feb 21, 2024
Uncaught Exception Handling Parsing Errors on Line Terminators
Moderate
GHSA-8xff-473h-f863
was published
for
surrealdb
(Rust)
Feb 21, 2024
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8
are susceptible to a Denial...
Moderate
Unreviewed
CVE-2024-21983
was published
Feb 17, 2024
StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through
11.6.0.13 are susceptible to...
Moderate
Unreviewed
CVE-2023-27318
was published
Feb 5, 2024
Uncaught Exception in surrealdb
Moderate
GHSA-jm4v-58r5-66hj
was published
for
surrealdb
(Rust)
Jan 18, 2024
Uncaught exception for some Intel Unison software may allow an authenticated user to potentially...
Moderate
Unreviewed
CVE-2023-22290
was published
Nov 14, 2023
stellar-strkey vulnerable to panic in SignedPayload::from_payload
Moderate
CVE-2023-46135
was published
for
stellar-strkey
(Rust)
Oct 25, 2023
NVIDIA Cumulus Linux contains a vulnerability in neighmgrd and nlmanager where an attacker on an...
Moderate
Unreviewed
CVE-2023-25526
was published
Sep 20, 2023
engine.io Uncaught Exception vulnerability
Moderate
CVE-2023-31125
was published
for
engine.io
(npm)
May 3, 2023
XWiki Platform vulnerable to page render failure due to broken translations
Moderate
CVE-2023-29520
was published
for
org.xwiki.platform:xwiki-platform-localization-source-wiki
(Maven)
Apr 20, 2023
mercurius has Uncaught Exception when using subscriptions
Moderate
CVE-2023-22477
was published
for
mercurius
(npm)
Jan 9, 2023
Uncaught exception in engine.io
Moderate
CVE-2022-41940
was published
for
engine.io
(npm)
Nov 21, 2022
Keylime: unhandled exceptions could lead to invalid attestation states
Moderate
CVE-2022-3500
was published
for
Keylime
(pip)
Oct 28, 2022
Unexpected server crash in Next.js
Moderate
CVE-2022-36046
was published
for
next
(npm)
Aug 30, 2022
Uncaught Exception (due to a data race) leads to process termination in Waitress
Moderate
CVE-2022-31015
was published
for
waitress
(pip)
Jun 2, 2022
Camaleon CMS vulnerable to Uncaught Exception
Moderate
CVE-2021-25971
was published
for
camaleon_cms
(RubyGems)
May 24, 2022
It was found in AMQ Online before 1.5.2 that injecting an invalid field to a user's AddressSpace...
Moderate
Unreviewed
CVE-2020-14348
was published
May 24, 2022
Undertow Uncaught Exception vulnerability
Moderate
CVE-2016-7046
was published
for
io.undertow:undertow-core
(Maven)
May 17, 2022
Uncaught Exception in zip4j
Moderate
CVE-2022-24615
was published
for
net.lingala.zip4j:zip4j
(Maven)
Feb 25, 2022
ProTip!
Advisories are also available from the
GraphQL API