Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,074
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

138 advisories

Loading
The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the... High Unreviewed
CVE-2019-6488 was published May 13, 2022
The Web Sockets implementation in Google Chrome before 7.0.517.41 does not properly handle a... High Unreviewed
CVE-2010-4038 was published May 13, 2022
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle... High Unreviewed
CVE-2018-8224 was published May 13, 2022
An issue was discovered in EMC RSA BSAFE Crypto-J versions prior to 6.2.2. There is an Improper... High Unreviewed
CVE-2016-8212 was published May 13, 2022
Resource leakage when decoding certificates and keys High
CVE-2022-1473 was published for openssl-src (Rust) May 4, 2022
pinkforest
Denial of Service in Packetbeat High
CVE-2017-11480 was published for github.com/elastic/beats (Go) Feb 15, 2022
Puma used with Rails may lead to Information Exposure High
CVE-2022-23634 was published for puma (RubyGems) Feb 11, 2022
byroot
A DoS attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote... High Unreviewed
CVE-2021-41441 was published Feb 10, 2022
On BIG-IP versions 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all... High Unreviewed
CVE-2022-23010 was published Jan 26, 2022
The TCP Server module in toxcore before 0.2.8 doesn't free the TCP priority queue under certain... High Unreviewed
CVE-2018-25021 was published Dec 14, 2021
Improper Resource Shutdown or Release in TYPO3 extension High
CVE-2021-38623 was published for webcoast/deferred-image-processing (Composer) Aug 30, 2021
Improper Resource Shutdown or Release in HashiCorp Vault High
CVE-2020-7220 was published for github.com/hashicorp/vault (Go) Jul 28, 2021
Pyopenssl Incorrect Memory Management High
CVE-2018-1000808 was published for pyopenssl (pip) Oct 10, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database