Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

35 advisories

Loading
A CWE-693 “Protection Mechanism Failure” vulnerability in the embedded Chromium browser ... Moderate Unreviewed
CVE-2023-45593 was published Mar 5, 2024
KaTeX missing normalization of the protocol in URLs allows bypassing forbidden protocols Moderate
CVE-2024-28246 was published for katex (npm) Mar 25, 2024
7085 edemaine
jupenur
A vulnerability in the NETCONF feature of Cisco IOS XE Software could allow an authenticated,... Moderate Unreviewed
CVE-2024-20278 was published Mar 27, 2024
Microsoft Outlook Remote Code Execution Vulnerability High Unreviewed
CVE-2024-30103 was published Jun 11, 2024
ServiceNow has addressed a sensitive file read vulnerability that was identified in the... Moderate Unreviewed
CVE-2024-5178 was published Jul 10, 2024
ServiceNow has addressed an input validation vulnerability that was identified in the Washington... Critical Unreviewed
CVE-2024-5217 was published Jul 10, 2024
Ankitects Anki LaTeX Blocklist Bypass vulnerability Low
CVE-2024-32152 was published for anki (pip) Jul 22, 2024
Jayy001
Wasmtime doesn't fully sandbox all the Windows device filenames Low
CVE-2024-51745 was published for wasmtime (Rust) Nov 5, 2024
nathaniel-daniel
HTML Cleaner allows crafted scripts in special contexts like svg or math to pass through High
CVE-2024-52595 was published for lxml-html-clean (pip) Nov 19, 2024
JorianWoltjer frenzymadness
Winter CMS Modules allows a sandbox bypass in Twig templates leading to data modification and deletion High
CVE-2024-54149 was published for winter/wn-cms-module (Composer) Dec 9, 2024
bennothommo
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database