Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

10 advisories

Loading
@electron/packager's build process memory potentially leaked into final executable High
CVE-2024-29900 was published for @electron/packager (npm) Mar 29, 2024
A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the... Moderate Unreviewed
CVE-2023-6240 was published Feb 4, 2024
A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading... Moderate Unreviewed
CVE-2024-0443 was published Jan 12, 2024
A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter... Moderate Unreviewed
CVE-2023-7192 was published Jan 2, 2024
An information leak was found in OpenStack's undercloud. This flaw allows unauthenticated, remote... High Unreviewed
CVE-2022-3596 was published Sep 20, 2023
Obfuscated email addresses should not be sorted Moderate
CVE-2023-38509 was published for org.xwiki.platform:xwiki-platform-livetable-ui (Maven) Jul 27, 2023
XWiki Platform may retrieve email addresses of all users High
CVE-2023-34467 was published for org.xwiki.platform:xwiki-platform-livetable-ui (Maven) Jun 20, 2023
floerer
Exposure of Resource to Wrong Sphere in org.craftercms:crafter-search Critical
CVE-2021-23264 was published for org.craftercms:crafter-search (Maven) Dec 16, 2021
OSGi applications using Vaadin 12-14 and 19 vulnerable to server classes and resources exposure High
CVE-2021-31407 was published for com.vaadin:flow-server (Maven) Apr 19, 2021
Server classes and resources exposure in OSGi applications using Vaadin 12-14 and 19 High
GHSA-j9wr-49vq-rm5g was published for com.vaadin:vaadin-bom (Maven) Apr 19, 2021
ProTip! Advisories are also available from the GraphQL API