Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,036
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+

151 advisories

Loading
VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not properly check whether header sizes... High Unreviewed
CVE-2023-35849 was published Jun 19, 2023
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding... High Unreviewed
CVE-2023-36835 was published Jul 14, 2023
Feathers socket handler allows abusing implicit toString High
CVE-2023-37899 was published for @feathersjs/socketio (npm) Jul 20, 2023
CodeanIO
json2xml Uncaught Exception vulnerability High
CVE-2022-25024 was published for json2xml (pip) Aug 23, 2023
When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group... High Unreviewed
CVE-2023-4583 was published Sep 11, 2023
The issue was addressed with improved checks. This issue is fixed in iOS 16.7 and iPadOS 16.7, OS... High Unreviewed
CVE-2023-41992 was published Sep 21, 2023
Denial-of-service in NodeBB <= v2.8.10 allows unauthenticated attackers to trigger a crash, when... High Unreviewed
CVE-2023-30591 was published Sep 29, 2023
An Improper Check for Unusual or Exceptional Conditions vulnerability in the SIP ALG of Juniper... High Unreviewed
CVE-2023-44198 was published Oct 13, 2023
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding... High Unreviewed
CVE-2023-44199 was published Oct 13, 2023
Apollo Router vulnerable to Improper Check or Handling of Exceptional Conditions High
CVE-2023-45812 was published for apollo-router (Rust) Oct 19, 2023
garypen BrynCooke
BryanBarron jasonbarnett667 shorgi
Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH... High Unreviewed
CVE-2023-5678 was published Nov 6, 2023
Vulnerability of uncaught exceptions in the NFC module. Successful exploitation of this... High Unreviewed
CVE-2023-46765 was published Nov 8, 2023
Vulnerability of data verification errors in the kernel module. Successful exploitation of this... High Unreviewed
CVE-2023-44099 was published Dec 6, 2023
The vulnerability is caused by improper check for check if RDLENGTH does not overflow the buffer... High Unreviewed
CVE-2023-32726 was published Dec 22, 2023
An Improper Check for Unusual or Exceptional Conditions vulnerability in Routing Protocol Daemon... High Unreviewed
CVE-2024-21614 was published Jan 12, 2024
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could... High Unreviewed
CVE-2023-34348 was published Jan 18, 2024
Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of... High Unreviewed
CVE-2023-6874 was published Feb 5, 2024
XSS sidekiq-unique-jobs UI server vulnerability High
CVE-2024-25122 was published for sidekiq-unique-jobs (RubyGems) Feb 13, 2024
pboling Earlopain
HPACK decoder panics on invalid input High
GHSA-w7hm-hmxv-pvhf was published for hpack (Rust) Apr 5, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the the Public Key... High Unreviewed
CVE-2024-30397 was published Apr 12, 2024
Malformed S2 Nonce Get command classes can be sent to crash the gateway. A hard reset is... High Unreviewed
CVE-2024-3052 was published Apr 27, 2024
Previous ATX is not checked to be the newest valid ATX by Smesher when validating incoming ATX High
CVE-2024-34360 was published for github.com/spacemeshos/api (Go) May 10, 2024
Tor Arti's STUB circuits incorrectly have a length of 2 High
CVE-2024-35312 was published for arti (Rust) May 18, 2024
Directus is soft-locked by providing a string value to random string util High
CVE-2024-36128 was published for directus (npm) Jun 4, 2024
Zehir
irodsServerMonPerf in iRODS before 4.3.2 attempts to proceed with use of a path even if it is not... High Unreviewed
CVE-2024-38461 was published Jun 16, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database