Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
A vulnerability, which was classified as critical, was found in soshtolsus wing-tight. This... Critical Unreviewed
CVE-2014-125044 was published Jan 5, 2023
'remap_pfn_range' here may map out of size kernel memory (for example, may map the kernel area),... Critical Unreviewed
CVE-2022-20239 was published Aug 11, 2022
An externally controlled reference to a resource vulnerability has been reported to affect QNAP... Critical Unreviewed
CVE-2022-27593 was published Sep 9, 2022
libretime hv3.0.0-alpha.10 is affected by a path manipulation vulnerability in /blob/master... Critical Unreviewed
CVE-2021-43685 was published Dec 2, 2021
UiPath Assistant 21.4.4 will load and execute attacker controlled data from the file path... Critical Unreviewed
CVE-2021-44041 was published Dec 15, 2021
A vulnerability was found in 3D City Database OGC Web Feature Service up to 5.2.1. It has been... Critical Unreviewed
CVE-2022-4607 was published Dec 19, 2022
A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5,... Critical Unreviewed
CVE-2022-39952 was published Feb 16, 2023
An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary... Critical Unreviewed
CVE-2021-20042 was published Dec 9, 2021
Sandbox Breakout in safe-eval Critical
CVE-2017-16088 was published for safe-eval (npm) Jul 18, 2018
External Control of File Name or Path in h2oai/h2o-3 Critical
CVE-2023-6569 was published for h2o (pip) Dec 14, 2023
An access issue was addressed with additional sandbox restrictions. This issue is fixed in... Critical Unreviewed
CVE-2019-7290 was published May 24, 2022
Spin applications with specific configuration vulnerable to potential network sandbox escape Critical
CVE-2024-32980 was published for spin-sdk (Rust) May 8, 2024
Grafana Fine-grained access control vulnerability Critical
CVE-2021-41244 was published for github.com/grafana/grafana (Go) May 14, 2024
ASUS Armoury Crate has a vulnerability in arbitrary file write and allows remote attackers to... Critical Unreviewed
CVE-2023-5716 was published Jan 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database