GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
46 advisories
Filter by severity
False-negative validation results in MINT transactions with invalid baton
Critical
CVE-2020-11071
was published
for
slpjs
(npm)
May 12, 2020
False-negative validation results in MINT transactions with invalid baton
Critical
CVE-2020-11072
was published
for
slp-validate
(npm)
May 12, 2020
False-positive validity for NFT1 genesis transactions in SLPJS
Critical
CVE-2020-15130
was published
for
slpjs
(npm)
Jul 30, 2020
False-positive validity for NFT1 genesis transactions
Critical
CVE-2020-15131
was published
for
slp-validate
(npm)
Jul 30, 2020
Regular expression denial of service in react-native
High
CVE-2020-1920
was published
for
react-native
(npm)
Jul 20, 2021
Timing attack on HMAC signature comparison in Apache Tapestry
Critical
CVE-2019-10071
was published
for
org.apache.tapestry:tapestry-core
(Maven)
Sep 26, 2019
Regular expression denial of service in eth-account
Moderate
CVE-2022-1930
was published
for
eth-account
(pip)
Aug 23, 2022
JetBrains Ktor before 2.1.0 was vulnerable to a Reflect File Download attack
Moderate
CVE-2022-38179
was published
for
io.ktor:ktor
(Maven)
Aug 13, 2022
Inefficient Regular Expression Complexity in vuelidate
High
CVE-2021-3794
was published
for
@vuelidate/validators
(npm)
Sep 20, 2021
Incorrect Regular Expression in RestSharp
High
CVE-2021-27293
was published
for
RestSharp
(NuGet)
Jul 14, 2021
TensorFlow has Floating Point Exception in AudioSpectrogram
High
CVE-2023-25666
was published
for
tensorflow
(pip)
Mar 24, 2023
TensorFlow has Floating Point Exception in TensorListSplit with XLA
High
CVE-2023-25673
was published
for
tensorflow
(pip)
Mar 24, 2023
TensorFlow has Floating Point Exception in AvgPoolGrad with XLA
High
CVE-2023-25669
was published
for
tensorflow
(pip)
Mar 24, 2023
TensorFlow has Floating Point Exception in TFLite in conv kernel
High
CVE-2023-27579
was published
for
tensorflow
(pip)
Mar 24, 2023
TensorFlow has Segfault in Bincount with XLA
High
CVE-2023-25675
was published
for
tensorflow
(pip)
Mar 24, 2023
Insecure Comparison in secure-compare
High
CVE-2015-9238
was published
for
secure-compare
(npm)
Jun 3, 2019
Incorrect Comparison in sodiumoxide
Critical
CVE-2019-25002
was published
for
sodiumoxide
(Rust)
Aug 25, 2021
github.com/tidwall/gjson Vulnerable to REDoS attack
High
CVE-2021-42836
was published
for
github.com/tidwall/gjson
(Go)
Oct 25, 2021
Inefficient Regular Expression Complexity in chalk/ansi-regex
High
CVE-2021-3807
was published
for
ansi-regex
(npm)
Sep 20, 2021
Dynamic Linq vulnerable to remote code execution
Critical
CVE-2023-32571
was published
for
System.Linq.Dynamic.Core
(NuGet)
Jun 22, 2023
Apache NiFi Insufficient Property Validation vulnerability
Moderate
CVE-2023-40037
was published
for
org.apache.nifi:nifi-dbcp-base
(Maven)
Aug 19, 2023
Apache OpenMeetings insufficient authorization vulnerability
Moderate
CVE-2023-28936
was published
for
org.apache.openmeetings:openmeetings-db
(Maven)
Jul 6, 2023
ProTip!
Advisories are also available from the
GraphQL API