GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
42 advisories
Filter by severity
Insecure Comparison in secure-compare
High
CVE-2015-9238
was published
for
secure-compare
(npm)
Jun 3, 2019
Logic error in authentication in proxy.py
High
CVE-2021-3116
was published
for
proxy.py
(pip)
Apr 7, 2021
Incorrect Regular Expression in RestSharp
High
CVE-2021-27293
was published
for
RestSharp
(NuGet)
Jul 14, 2021
Regular expression denial of service in react-native
High
CVE-2020-1920
was published
for
react-native
(npm)
Jul 20, 2021
Inefficient Regular Expression Complexity in chalk/ansi-regex
High
CVE-2021-3807
was published
for
ansi-regex
(npm)
Sep 20, 2021
Inefficient Regular Expression Complexity in vuelidate
High
CVE-2021-3794
was published
for
@vuelidate/validators
(npm)
Sep 20, 2021
Regular Expression Denial of Service in Leo Editor
High
CVE-2020-23478
was published
for
leo
(pip)
Sep 23, 2021
github.com/tidwall/gjson Vulnerable to REDoS attack
High
CVE-2021-42836
was published
for
github.com/tidwall/gjson
(Go)
Oct 25, 2021
An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an...
High
Unreviewed
CVE-2021-23146
was published
Nov 19, 2021
An issue was discovered in split_region in uc.c in Unicorn Engine before 2.0.0-rc5. It allows...
High
Unreviewed
CVE-2021-44078
was published
Dec 27, 2021
A limited authentication bypass vulnerability was discovered that could allow an attacker to...
High
Unreviewed
CVE-2022-22990
was published
Jan 14, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
High
Unreviewed
CVE-2021-34865
was published
Jan 26, 2022
Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1...
High
Unreviewed
CVE-2016-10003
was published
May 17, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
High
Unreviewed
CVE-2020-8864
was published
May 24, 2022
An unauthenticated client can trigger denial of service by issuing specially crafted wire...
High
Unreviewed
CVE-2019-20925
was published
May 24, 2022
A denial-of-service vulnerability exists in the traffic-logging functionality of FreyrSCADA IEC...
High
Unreviewed
CVE-2020-13559
was published
May 24, 2022
Codiad Vulnerable to PHP Magic Hash Vulnerability
High
CVE-2020-23355
was published
for
codiad/codiad
(Composer)
May 24, 2022
chatwoot is vulnerable to Inefficient Regular Expression Complexity
High
Unreviewed
CVE-2021-3649
was published
May 24, 2022
In JetBrains YouTrack before 2021.2.16363, time-unsafe comparisons were used.
High
Unreviewed
CVE-2021-37550
was published
May 24, 2022
TensorFlow has Floating Point Exception in TFLite in conv kernel
High
CVE-2023-27579
was published
for
tensorflow
(pip)
Mar 24, 2023
TensorFlow has Segfault in Bincount with XLA
High
CVE-2023-25675
was published
for
tensorflow
(pip)
Mar 24, 2023
TensorFlow has Floating Point Exception in TensorListSplit with XLA
High
CVE-2023-25673
was published
for
tensorflow
(pip)
Mar 24, 2023
ProTip!
Advisories are also available from the
GraphQL API