GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed (5,000+), Composer (4,279), Erlang (31), GitHub Actions (21), Go (2,056), Maven (5,000+), npm (3,740), NuGet (668), pip (3,421), Pub (12), RubyGems (891), Rust (873), Swift (36)
Unreviewed advisories: All unreviewed (5,000+)
100 advisories
An improper access control was identified in the Identity Security Cloud (ISC) message server API...
Moderate · Unreviewed · CVE-2024-3317 was published May 15, 2024
A key used in logging.json does not follow the least privilege principle by default and is...
Moderate · Unreviewed · CVE-2024-3185 was published Apr 23, 2024
A vulnerability was reported in a system recovery bootloader that was part of the Lenovo...
Moderate · Unreviewed · CVE-2024-23593 was published Apr 15, 2024
In SecurityCommand message after as security has been activated, there is a possible improper...
Moderate · Unreviewed · CVE-2023-52343 was published Apr 8, 2024
Faulty input validation in the core of Apache allows malicious or exploitable backend/content...
High · Unreviewed · CVE-2023-38709 was published Apr 4, 2024
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
High · Unreviewed · CVE-2024-1714 was published Feb 21, 2024
Improper input validation in some Zoom clients may allow an authenticated user to conduct a...
Moderate · Unreviewed · CVE-2024-24690 was published Feb 14, 2024
A vulnerability exists in the input validation of the GOOSE messages where out of range values...
Moderate · Unreviewed · CVE-2023-4518 was published Dec 1, 2023
Improper Input Validation in Checkmk <2.2.0p15, <2.1.0p37, <=2.0.0p39 allows privileged...
Low · Unreviewed · CVE-2023-23549 was published Nov 15, 2023
Django Denial-of-service in django.utils.text.Truncator
High · CVE-2023-43665 was published for Django (pip) Nov 3, 2023
Django Denial of service vulnerability in django.utils.encoding.uri_to_iri
Moderate · CVE-2023-41164 was published for django (pip) Nov 3, 2023
An Improper Validation of Specified Quantity in Input vulnerability in the Layer-2 control...
Moderate · Unreviewed · CVE-2023-36839 was published Oct 13, 2023
phonenumber panics on parsing crafted RFC3966 inputs
High · CVE-2023-42444 was published for phonenumber (Rust) Sep 21, 2023
blurhash panics on parsing crafted inputs
High · CVE-2023-42447 was published for blurhash (Rust) Sep 21, 2023
A vulnerability was found in SourceCodester Card Holder Management System 1.0 and classified as...
Moderate · Unreviewed · CVE-2023-4439 was published Aug 21, 2023
Denial-of-service (DoS) vulnerability due to improper validation of specified type of input issue...
High · Unreviewed · CVE-2023-38744 was published Aug 3, 2023
jcvi vulnerable to Configuration Injection due to unsanitized user input
High · CVE-2023-35932 was published for jcvi (pip) Jun 23, 2023
The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers.
High · Unreviewed · CVE-2023-34188 was published Jun 23, 2023
A denial of service attack might be launched against the server if an unusually lengthy password ...
High · Unreviewed · CVE-2023-30082 was published Jun 14, 2023
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer driver...
Low · Unreviewed · CVE-2023-0195 was published Apr 1, 2023
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer...
Moderate · Unreviewed · CVE-2023-0194 was published Apr 1, 2023
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the...
High · Unreviewed · CVE-2022-4904 was published Mar 7, 2023
IPFS go-bitfield vulnerable to DoS via malformed size arguments
Moderate · CVE-2023-23626 was published for github.com/ipfs/go-bitfield (Go) Feb 10, 2023
For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling...
High · Unreviewed · CVE-2021-28510 was published Jan 26, 2023
An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS...
Moderate · Unreviewed · CVE-2023-22409 was published Jan 13, 2023
ProTip! Advisories are also available from the GraphQL API.