Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

115 advisories

Loading
When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's... Moderate Unreviewed
CVE-2024-9681 was published Nov 6, 2024
Logic error in authentication in proxy.py High
CVE-2021-3116 was published for proxy.py (pip) Apr 7, 2021
An Incorrect Comparison vulnerability in the local address verification API of Juniper Networks... Moderate Unreviewed
CVE-2024-39534 was published Oct 11, 2024
NLTK Vulnerable to REDoS High
CVE-2021-3828 was published for nltk (pip) Sep 29, 2021
Regular Expression Denial of Service in Leo Editor High
CVE-2020-23478 was published for leo (pip) Sep 23, 2021
The WP Hardening – Fix Your WordPress Security plugin for WordPress is vulnerable to Security... Moderate Unreviewed
CVE-2024-6641 was published Sep 18, 2024
Integria IMS login check uses a loose comparator ("==") to compare the MD5 hash of the password... Critical Unreviewed
CVE-2021-3833 was published May 24, 2022
Incorrect Comparison in cvxopt High
CVE-2021-41500 was published for cvxopt (pip) Jan 7, 2022
The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6... High Unreviewed
CVE-2024-4032 was published Jun 17, 2024
Under certain circumstances the ExacqVision Web Services does not provide sufficient protection... Moderate Unreviewed
CVE-2024-32862 was published Aug 2, 2024
ServiceNow has addressed an input validation vulnerability that was identified in the Washington... Critical Unreviewed
CVE-2024-5217 was published Jul 10, 2024
IBM MQ Operator 3.2.2 and IBM MQ Operator 2.0.24 could allow a user to bypass authentication... High Unreviewed
CVE-2024-39742 was published Jul 8, 2024
Alpine allows Authentication Filter bypass Moderate
CVE-2022-23554 was published for us.springett:alpine (Maven) Aug 5, 2024
Softaculous Webuzo contains an authentication bypass vulnerability through the password reset... Critical Unreviewed
CVE-2024-24621 was published Jul 26, 2024
Codiad Vulnerable to PHP Magic Hash Vulnerability High
CVE-2020-23355 was published for codiad/codiad (Composer) May 24, 2022
Knock Knock plugin IP Whitelist bypass via an X-Forwarded-For HTTP header Critical
CVE-2020-13485 was published for verbb/knock-knock (Composer) May 24, 2022
A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at... Moderate Unreviewed
CVE-2023-26590 was published Jul 10, 2023
Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code Critical
CVE-2023-45133 was published for @babel/traverse (npm) Oct 16, 2023
SteakEnthusiast ashdude1401
nicolo-ribaudo Apetree100122 ebickle
MultiBit HD before 0.1.2 allows attackers to conduct bit-flipping attacks that insert unspendable... Moderate Unreviewed
CVE-2015-6964 was published Sep 25, 2023
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed... Moderate Unreviewed
CVE-2023-23766 was published Sep 22, 2023
In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator... High Unreviewed
CVE-2023-40271 was published Sep 8, 2023
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed... Moderate Unreviewed
CVE-2023-23765 was published Aug 31, 2023
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed... High Unreviewed
CVE-2023-23764 was published Jul 27, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This... High Unreviewed
CVE-2023-23844 was published Jul 26, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This... High Unreviewed
CVE-2023-23843 was published Jul 26, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database