GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
21 advisories
Filter by severity
Incomplete WebAssembly exception handing could have led to a use-after-free. This vulnerability...
Critical
Unreviewed
CVE-2024-7521
was published
Aug 6, 2024
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers...
Critical
Unreviewed
CVE-2021-42142
was published
Jan 24, 2024
An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. One incorrect handshake could...
Critical
Unreviewed
CVE-2021-42141
was published
Jan 23, 2024
In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because...
Critical
Unreviewed
CVE-2023-47100
was published
Dec 3, 2023
bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a ...
Critical
Unreviewed
CVE-2023-38406
was published
Nov 6, 2023
Due to insufficient file permissions, unprivileged users could gain access to unencrypted user...
Critical
Unreviewed
CVE-2023-21408
was published
Aug 3, 2023
Due to insufficient file permissions, unprivileged users could gain access to unencrypted...
Critical
Unreviewed
CVE-2023-21409
was published
Aug 3, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical
Unreviewed
CVE-2022-23121
was published
Mar 28, 2023
Improper Handling of Parameters vulnerability in BG-TEK COSLAT Firewall allows Remote Code...
Critical
Unreviewed
CVE-2021-4105
was published
Feb 24, 2023
MISP before 2.4.166 unsafely allows users to use the order parameter, related to app/Model...
Critical
Unreviewed
CVE-2022-48329
was published
Feb 20, 2023
app/Controller/Component/IndexFilterComponent.php in MISP before 2.4.167 mishandles...
Critical
Unreviewed
CVE-2022-48328
was published
Feb 20, 2023
An improper handling of exceptional conditions vulnerability exists in Open Design Alliance ODA...
Critical
Unreviewed
CVE-2021-43272
was published
May 24, 2022
Improper handling of length parameter inconsistency vulnerability in Mitsubishi Electric FA...
Critical
Unreviewed
CVE-2021-20588
was published
May 24, 2022
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code...
Critical
Unreviewed
CVE-2019-12815
was published
May 24, 2022
A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in...
Critical
Unreviewed
CVE-2019-6256
was published
May 13, 2022
VeryNginx 0.3.3 allows remote attackers to bypass the Web Application Firewall feature because...
Critical
Unreviewed
CVE-2018-19991
was published
May 13, 2022
A missing error check exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera...
Critical
Unreviewed
CVE-2017-2877
was published
May 13, 2022
burn allows file names to escape via mishandled quotation marks
Critical
Unreviewed
CVE-2009-5043
was published
Apr 21, 2022
Improper Check for Unusual or Exceptional Conditions in Connect2id Nimbus JOSE+JWT
Critical
CVE-2019-17195
was published
for
com.nimbusds:nimbus-jose-jwt
(Maven)
Oct 16, 2019
Apache Struts vulnerable to remote arbitrary command execution due to improper input validation
Critical
CVE-2017-5638
was published
for
org.apache.struts:struts2-core
(Maven)
Oct 18, 2018
ProTip!
Advisories are also available from the
GraphQL API