Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

35 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: mm: call the... High Unreviewed
CVE-2024-47745 was published Oct 21, 2024
btcd did not correctly re-implement Bitcoin Core's "FindAndDelete()" functionality High
CVE-2024-38365 was published for github.com/btcsuite/btcd (Go) Oct 10, 2024
darosior dergoegge
A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access ... High Unreviewed
CVE-2024-20480 was published Sep 25, 2024
Denial of service in quinn-proto when using `Endpoint::retry()` High
CVE-2024-45311 was published for quinn-proto (Rust) Sep 3, 2024
finnbear BiagioFesta
there is a possible way to bypass due to a logic error in the code. This could lead to local... High Unreviewed
CVE-2024-32896 was published Jun 13, 2024
Contract balance not updating correctly after interchain transaction High
CVE-2024-37153 was published for github.com/evmos/evmos/v10 (Go) Jun 6, 2024
Vvaradinov EvmosDAO
Tor Arti's STUB circuits incorrectly have a length of 2 High
CVE-2024-35312 was published for arti (Rust) May 18, 2024
Insufficient authentication flow in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0.0p39 allows... High Unreviewed
CVE-2023-31211 was published Jan 12, 2024
Electron's Content-Secrity-Policy disabling eval not applied consistently in renderers with sandbox disabled High
CVE-2023-23623 was published for electron (npm) Sep 6, 2023
andreasdj
Trigger `beforeFind` not invoked in internal query pipeline when fetching pointer High
CVE-2023-41058 was published for parse-server (npm) Sep 4, 2023
Moumouls mtrezza
Nokia Service Router Operating System (SR OS) 22.10 and SR Linux, when error-handling update... High Unreviewed
CVE-2023-41376 was published Aug 29, 2023
Incorrect success value returned in vyper High
CVE-2023-30629 was published for vyper (pip) Apr 24, 2023
algys pavelvm5
An issue was discovered in ONOS 2.5.1. Modification of an existing intent to have the same source... High Unreviewed
CVE-2022-29607 was published Apr 20, 2023
An issue was discovered in ONOS 2.5.1. IntentManager attempts to install the IPv6 flow rules of... High Unreviewed
CVE-2022-29605 was published Apr 20, 2023
A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will... High Unreviewed
CVE-2023-1668 was published Apr 11, 2023
Insufficient control flow management in some Intel(R) Ethernet Controller Administrative Tools... High Unreviewed
CVE-2022-27808 was published Feb 16, 2023
Insufficient control flow management in the Intel(R) Battery Life Diagnostic Tool software before... High Unreviewed
CVE-2022-36278 was published Feb 16, 2023
In addOrReplacePhoneAccount of PhoneAccountRegistrar.java, there is a possible way to enable a... High Unreviewed
CVE-2023-20915 was published Jan 26, 2023
In onPackageRemoved of AccessibilityManagerService.java, there is a possibility to automatically... High Unreviewed
CVE-2023-20921 was published Jan 26, 2023
Incorrect handling of invalid surrogate pair characters High
CVE-2022-31116 was published for ujson (pip) Jul 5, 2022
JustAnotherArchivist the-bumble
Multiple evaluation of contract address in call in vyper High
CVE-2022-29255 was published for vyper (pip) Jun 6, 2022
bson-objectid contains Improper input validation High
CVE-2019-19729 was published for bson-objectid (npm) May 24, 2022
A vulnerability in IPv6 traffic processing of Cisco IOS XE Wireless Controller Software for Cisco... High Unreviewed
CVE-2021-34767 was published May 24, 2022
In updateCapabilities of ConnectivityService.java, there is a possible incorrect network state... High Unreviewed
CVE-2021-0517 was published May 24, 2022
Leptonica before 1.80.0 allows a denial of service (application crash) via an incorrect left... High Unreviewed
CVE-2020-36277 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database