GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
72 advisories
Filter by severity
When curl is asked to use HSTS, the expiry time for a subdomain might
overwrite a parent domain's...
Moderate
Unreviewed
CVE-2024-9681
was published
Nov 6, 2024
An Incorrect Comparison vulnerability in the local address verification API of Juniper Networks...
Moderate
Unreviewed
CVE-2024-39534
was published
Oct 11, 2024
The WP Hardening – Fix Your WordPress Security plugin for WordPress is vulnerable to Security...
Moderate
Unreviewed
CVE-2024-6641
was published
Sep 18, 2024
Integria IMS login check uses a loose comparator ("==") to compare the MD5 hash of the password...
Critical
Unreviewed
CVE-2021-3833
was published
May 24, 2022
The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6...
High
Unreviewed
CVE-2024-4032
was published
Jun 17, 2024
Under certain circumstances the ExacqVision Web Services does not provide sufficient protection...
Moderate
Unreviewed
CVE-2024-32862
was published
Aug 2, 2024
ServiceNow has addressed an input validation vulnerability that was identified in the Washington...
Critical
Unreviewed
CVE-2024-5217
was published
Jul 10, 2024
IBM MQ Operator 3.2.2 and IBM MQ Operator 2.0.24 could allow a user to bypass authentication...
High
Unreviewed
CVE-2024-39742
was published
Jul 8, 2024
Softaculous Webuzo contains an authentication bypass vulnerability through the password reset...
Critical
Unreviewed
CVE-2024-24621
was published
Jul 26, 2024
A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at...
Moderate
Unreviewed
CVE-2023-26590
was published
Jul 10, 2023
MultiBit HD before 0.1.2 allows attackers to conduct bit-flipping attacks that insert unspendable...
Moderate
Unreviewed
CVE-2015-6964
was published
Sep 25, 2023
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed...
Moderate
Unreviewed
CVE-2023-23766
was published
Sep 22, 2023
In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator...
High
Unreviewed
CVE-2023-40271
was published
Sep 8, 2023
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed...
Moderate
Unreviewed
CVE-2023-23765
was published
Aug 31, 2023
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed...
High
Unreviewed
CVE-2023-23764
was published
Jul 27, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This...
High
Unreviewed
CVE-2023-23844
was published
Jul 26, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This...
High
Unreviewed
CVE-2023-23843
was published
Jul 26, 2023
Experion server may experience a DoS due to a stack overflow when handling a specially crafted...
High
Unreviewed
CVE-2023-22435
was published
Jul 13, 2023
A floating point exception vulnerability was found in sox, in the read_samples function at sox...
Moderate
Unreviewed
CVE-2023-32627
was published
Jul 10, 2023
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed...
Moderate
Unreviewed
CVE-2023-23762
was published
Jul 6, 2023
An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of paths installed by...
Moderate
Unreviewed
CVE-2022-29944
was published
Apr 20, 2023
An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of flow rules installed...
Moderate
Unreviewed
CVE-2021-38364
was published
Apr 20, 2023
gifsicle-1.94 was found to have a floating point exception (FPE) vulnerability via resize_stream...
High
Unreviewed
CVE-2023-46009
was published
Oct 18, 2023
xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the...
Moderate
Unreviewed
CVE-2005-2801
was published
May 1, 2022
A potential attacker with access to the Westermo Lynx device would be able to execute...
Moderate
Unreviewed
CVE-2023-45213
was published
Feb 7, 2024
ProTip!
Advisories are also available from the
GraphQL API