GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
32 advisories
Filter by severity
In the Linux kernel, the following vulnerability has been resolved:
pmdomain: imx93-blk-ctrl:...
Moderate
Unreviewed
CVE-2024-53134
was published
Dec 4, 2024
HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control flow vulnerability. The...
Moderate
Unreviewed
CVE-2024-30133
was published
Nov 12, 2024
wasmtime has a runtime crash when combining tail calls with trapping imports
Moderate
CVE-2024-47763
was published
for
wasmtime
(Rust)
Oct 9, 2024
Requests `Session` object does not verify requests after making first request with verify=False
Moderate
CVE-2024-35195
was published
for
requests
(pip)
May 20, 2024
eZ Platform Rules to disable executable access are ignored on Platform.sh (eZ Cloud)
Moderate
GHSA-6xch-2vxx-5pvr
was published
for
ezsystems/ezplatform
(Composer)
May 15, 2024
An issue in phiola/src/afilter/conv.c:115 of phiola v2.0-rc22 allows a remote attacker to cause a...
Moderate
Unreviewed
CVE-2024-33431
was published
May 1, 2024
A malicious insider exploiting this vulnerability can circumvent existing security controls put...
Moderate
Unreviewed
CVE-2024-0313
was published
Mar 14, 2024
OpenZeppelin Contracts and Contracts Upgradeable duplicated execution of subcalls in v4.9.4
Moderate
CVE-2023-49798
was published
for
@openzeppelin/contracts
(npm)
Dec 12, 2023
Always incorrect control flow in github.com/mojocn/base64Captcha
Moderate
CVE-2023-45292
was published
for
github.com/mojocn/base64Captcha
(Go)
Dec 12, 2023
Fiber unauthorized access vulnerability in `ctx.IsFromLocal()`
Moderate
CVE-2023-41338
was published
for
github.com/gofiber/fiber
(Go)
Sep 8, 2023
incorrect order of evaluation of side effects for some builtins
Moderate
CVE-2023-41052
was published
for
vyper
(pip)
Sep 4, 2023
Vyper: reversed order of side effects for some operations
Moderate
CVE-2023-40015
was published
for
vyper
(pip)
Sep 4, 2023
Insufficient control flow management in the Hyperscan Library maintained by Intel(R) before...
Moderate
Unreviewed
CVE-2023-28711
was published
Aug 11, 2023
Incorrect control flow in Jenkins Gradle Plugin breaks credentials masking in the build log
Moderate
CVE-2023-39152
was published
for
org.jenkins-ci.plugins:gradle
(Maven)
Jul 26, 2023
Vyper's nonpayable default functions are sometimes payable
Moderate
CVE-2023-32675
was published
for
vyper
(pip)
May 22, 2023
An issue was discovered in ONOS 2.5.1. An intent with the same source and destination shows the...
Moderate
Unreviewed
CVE-2022-29609
was published
Apr 20, 2023
Insufficient control flow management for the Intel(R) SGX SDK software for Linux before version 2...
Moderate
Unreviewed
CVE-2022-26841
was published
Feb 16, 2023
Seg fault in `ndarray_tensor_bridge` due to zero and large inputs
Moderate
CVE-2022-41884
was published
for
tensorflow
(pip)
Nov 21, 2022
Incorrect is_static parameter for custom stateful precompiles in SputnikVM (evm)
Moderate
CVE-2022-39354
was published
for
evm
(Rust)
Oct 25, 2022
Solana Pay Vulnerable to Weakness in Transfer Validation Logic
Moderate
CVE-2022-35917
was published
for
@solana/pay
(npm)
Aug 6, 2022
** DISPUTED ** Styra Open Policy Agent (OPA) Gatekeeper through 3.7.0 mishandles concurrency,...
Moderate
Unreviewed
CVE-2021-43979
was published
May 24, 2022
An always-incorrect control flow implementation in the implicit filter terms of Juniper Networks...
Moderate
Unreviewed
CVE-2021-0273
was published
May 24, 2022
Multiple Cisco products are affected by a vulnerability in the Snort application detection engine...
Moderate
Unreviewed
CVE-2021-1236
was published
May 24, 2022
An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security...
Moderate
Unreviewed
CVE-2021-3011
was published
May 24, 2022
MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries in some situations. If one...
Moderate
Unreviewed
CVE-2020-35477
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API