GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
383 advisories
Filter by severity
A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct...
Moderate
Unreviewed
CVE-2023-5090
was published
Nov 6, 2023
Windows Hyper-V Denial of Service Vulnerability
Moderate
Unreviewed
CVE-2024-20699
was published
Jan 9, 2024
In the Linux kernel, the following vulnerability has been resolved:
net: tls: handle backlogging...
Moderate
Unreviewed
CVE-2024-26584
was published
Feb 21, 2024
In the Linux kernel, the following vulnerability has been resolved:
net/smc: Fix possible access...
Moderate
Unreviewed
CVE-2022-48673
was published
May 3, 2024
github.com/nats-io/nats-server Import token permissions checking not enforced
High
GHSA-j756-f273-xhp4
was published
for
github.com/nats-io/nats-server/v2
(Go)
May 21, 2021
Authorization bypass in github.com/dgrijalva/jwt-go
High
CVE-2020-26160
was published
for
github.com/dgrijalva/jwt-go
(Go)
May 18, 2021
D-Link G416 httpd Improper Handling of Exceptional Conditions Information Disclosure...
Moderate
Unreviewed
CVE-2023-50212
was published
May 3, 2024
In the Linux kernel, the following vulnerability has been resolved:
drm/buddy: Fix alloc_range()...
Low
Unreviewed
CVE-2024-26911
was published
Apr 17, 2024
bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a ...
Critical
Unreviewed
CVE-2023-38406
was published
Nov 6, 2023
@hono/node-server has Denial of Service risk when receiving Host header that cannot be parsed
High
CVE-2024-32652
was published
for
@hono/node-server
(npm)
Apr 19, 2024
An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and...
Moderate
Unreviewed
CVE-2024-30380
was published
Apr 16, 2024
Traefik vulnerable to denial of service with Content-length header
High
CVE-2024-28869
was published
for
github.com/traefik/traefik
(Go)
Apr 12, 2024
An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd)...
High
Unreviewed
CVE-2024-30382
was published
Apr 12, 2024
An Improper Handling of Exceptional Conditions vulnerability in the Class of Service daemon (cosd...
Moderate
Unreviewed
CVE-2024-21610
was published
Apr 12, 2024
An issue was discovered in Exynos Mobile Processor and Modem for Exynos Modem 5123, Exynos Modem...
High
Unreviewed
CVE-2023-29092
was published
May 9, 2023
SpiceDB: LookupSubjects may return partial results if a specific kind of relation is used
Low
CVE-2024-32001
was published
for
github.com/authzed/spicedb
(Go)
Apr 10, 2024
In the Linux kernel, the following vulnerability has been resolved:
parisc: Clear stale IIR...
Moderate
Unreviewed
CVE-2021-46928
was published
Feb 27, 2024
OpenStack Neutron's unsupported dport option prevents applying security groups
Moderate
CVE-2019-9735
was published
for
neutron
(pip)
May 13, 2022
XNSoft Nconvert 7.136 has an Exception Handler Chain Corrupted via a crafted image file....
High
Unreviewed
CVE-2023-43251
was published
Oct 19, 2023
When IPSec is configured on a Virtual Server, undisclosed traffic can cause TMM to terminate.
...
High
Unreviewed
CVE-2023-41085
was published
Oct 10, 2023
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows...
Moderate
Unreviewed
CVE-2023-3280
was published
Sep 13, 2023
A lack of custom error pages vulnerability [CWE-756] in FortiPresence versions 1.2.0 through 1.2...
Moderate
Unreviewed
CVE-2023-27998
was published
Sep 13, 2023
Improper Handling of Exceptional Conditions vulnerability in Daurnimator HTTP Library for Lua...
High
Unreviewed
CVE-2023-4540
was published
Sep 5, 2023
An Improper Handling of Unicode Encoding vulnerability in the Schweitzer Engineering...
Moderate
Unreviewed
CVE-2023-31169
was published
Aug 31, 2023
Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola...
High
Unreviewed
CVE-2023-23774
was published
Aug 29, 2023
ProTip!
Advisories are also available from the
GraphQL API