Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

383 advisories

Loading
A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct... Moderate Unreviewed
CVE-2023-5090 was published Nov 6, 2023
Windows Hyper-V Denial of Service Vulnerability Moderate Unreviewed
CVE-2024-20699 was published Jan 9, 2024
In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging... Moderate Unreviewed
CVE-2024-26584 was published Feb 21, 2024
In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix possible access... Moderate Unreviewed
CVE-2022-48673 was published May 3, 2024
github.com/nats-io/nats-server Import token permissions checking not enforced High
GHSA-j756-f273-xhp4 was published for github.com/nats-io/nats-server/v2 (Go) May 21, 2021
Authorization bypass in github.com/dgrijalva/jwt-go High
CVE-2020-26160 was published for github.com/dgrijalva/jwt-go (Go) May 18, 2021
D-Link G416 httpd Improper Handling of Exceptional Conditions Information Disclosure... Moderate Unreviewed
CVE-2023-50212 was published May 3, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Fix alloc_range()... Low Unreviewed
CVE-2024-26911 was published Apr 17, 2024
bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a ... Critical Unreviewed
CVE-2023-38406 was published Nov 6, 2023
@hono/node-server has Denial of Service risk when receiving Host header that cannot be parsed High
CVE-2024-32652 was published for @hono/node-server (npm) Apr 19, 2024
An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and... Moderate Unreviewed
CVE-2024-30380 was published Apr 16, 2024
Traefik vulnerable to denial of service with Content-length header High
CVE-2024-28869 was published for github.com/traefik/traefik (Go) Apr 12, 2024
Prajithp
An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd)... High Unreviewed
CVE-2024-30382 was published Apr 12, 2024
An Improper Handling of Exceptional Conditions vulnerability in the Class of Service daemon (cosd... Moderate Unreviewed
CVE-2024-21610 was published Apr 12, 2024
An issue was discovered in Exynos Mobile Processor and Modem for Exynos Modem 5123, Exynos Modem... High Unreviewed
CVE-2023-29092 was published May 9, 2023
SpiceDB: LookupSubjects may return partial results if a specific kind of relation is used Low
CVE-2024-32001 was published for github.com/authzed/spicedb (Go) Apr 10, 2024
In the Linux kernel, the following vulnerability has been resolved: parisc: Clear stale IIR... Moderate Unreviewed
CVE-2021-46928 was published Feb 27, 2024
OpenStack Neutron's unsupported dport option prevents applying security groups Moderate
CVE-2019-9735 was published for neutron (pip) May 13, 2022
XNSoft Nconvert 7.136 has an Exception Handler Chain Corrupted via a crafted image file.... High Unreviewed
CVE-2023-43251 was published Oct 19, 2023
When IPSec is configured on a Virtual Server, undisclosed traffic can cause TMM to terminate.  ... High Unreviewed
CVE-2023-41085 was published Oct 10, 2023
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows... Moderate Unreviewed
CVE-2023-3280 was published Sep 13, 2023
A lack of custom error pages vulnerability [CWE-756] in FortiPresence versions 1.2.0 through 1.2... Moderate Unreviewed
CVE-2023-27998 was published Sep 13, 2023
Improper Handling of Exceptional Conditions vulnerability in Daurnimator HTTP Library for Lua... High Unreviewed
CVE-2023-4540 was published Sep 5, 2023
An Improper Handling of Unicode Encoding vulnerability in the Schweitzer Engineering... Moderate Unreviewed
CVE-2023-31169 was published Aug 31, 2023
Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola... High Unreviewed
CVE-2023-23774 was published Aug 29, 2023
ProTip! Advisories are also available from the GraphQL API