GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
21 advisories
Filter by severity
A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco IOS XE Software for Wireless...
High
Unreviewed
CVE-2024-20303
was published
Mar 27, 2024
Apache Struts Improper Control of Dynamically-Managed Code Resources vulnerability
High
CVE-2023-41835
was published
for
org.apache.struts:struts2-core
(Maven)
Dec 5, 2023
A double-free flaw was found in the Linux kernel’s NTFS3 subsystem in how a user triggers remount...
High
Unreviewed
CVE-2022-3238
was published
Jul 6, 2023
An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4...
High
Unreviewed
CVE-2023-0836
was published
Mar 29, 2023
redis-py Race Condition due to incomplete fix
High
CVE-2023-28859
was published
for
redis
(pip)
Mar 26, 2023
Local privilege escalation due to incomplete uninstallation cleanup. The following products are...
High
Unreviewed
CVE-2022-45455
was published
Feb 13, 2023
Xenstore: Guests can get access to Xenstore nodes of deleted domains Access rights of Xenstore...
High
Unreviewed
CVE-2022-42320
was published
Nov 1, 2022
Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially...
High
Unreviewed
CVE-2020-24489
was published
May 24, 2022
There is an unsafe incomplete reset of PATH in OpenDoas 6.6 through 6.8 when changing the user...
High
Unreviewed
CVE-2019-25016
was published
May 24, 2022
Flarum mishandles invalidation of user email tokens
High
CVE-2019-11514
was published
for
flarum/flarum
(Composer)
May 24, 2022
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS...
High
Unreviewed
CVE-2018-19961
was published
May 13, 2022
An issue was discovered in chan_skinny.c in Asterisk Open Source 13.18.2 and older, 14.7.2 and...
High
Unreviewed
CVE-2017-17090
was published
May 13, 2022
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe...
High
Unreviewed
CVE-2017-0303
was published
May 13, 2022
The image-upload feature in ProjeQtOr 7.2.5 allows remote attackers to execute arbitrary code by...
High
Unreviewed
CVE-2018-18924
was published
May 13, 2022
Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping...
High
Unreviewed
CVE-2018-18281
was published
May 13, 2022
Resource leakage when decoding certificates and keys
High
CVE-2022-1473
was published
for
openssl-src
(Rust)
May 4, 2022
BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when...
High
Unreviewed
CVE-2005-1744
was published
May 1, 2022
A flaw use after free in the Linux kernel Management Component Transport Protocol (MCTP)...
High
Unreviewed
CVE-2022-0646
was published
Feb 19, 2022
There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this...
High
Unreviewed
CVE-2021-37092
was published
Dec 9, 2021
There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this...
High
Unreviewed
CVE-2021-37080
was published
Dec 8, 2021
There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this...
High
Unreviewed
CVE-2021-37089
was published
Dec 8, 2021
ProTip!
Advisories are also available from the
GraphQL API