GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,046
Maven
5,000+
npm
3,737
NuGet
663
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
42 advisories
Filter by severity
In OPPO Store APP, there's a possible escalation of privilege due to improper input validation.
High
Unreviewed
CVE-2024-1610
was published
Dec 18, 2024
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 2100, 1280,...
High
Unreviewed
CVE-2024-39343
was published
Dec 2, 2024
Florent Thiéry has found that selected Axis devices were vulnerable to handling certain ethernet...
High
Unreviewed
CVE-2024-47257
was published
Nov 26, 2024
A memory corruption vulnerability exists in the affected products when parsing DFT files. Local...
High
Unreviewed
CVE-2024-6068
was published
Nov 14, 2024
The ctl_report_supported_opcodes function did not sufficiently validate a field provided by...
High
Unreviewed
CVE-2024-42416
was published
Sep 5, 2024
A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow...
High
Unreviewed
CVE-2024-5102
was published
Jun 10, 2024
Improper Validation of Specified Quantity in Input vulnerability in Tips and Tricks HQ WP Express...
High
Unreviewed
CVE-2024-30527
was published
May 17, 2024
Faulty input validation in the core of Apache allows malicious or exploitable backend/content...
High
Unreviewed
CVE-2023-38709
was published
Apr 4, 2024
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
High
Unreviewed
CVE-2024-1714
was published
Feb 21, 2024
Django Denial-of-service in django.utils.text.Truncator
High
CVE-2023-43665
was published
for
Django
(pip)
Nov 3, 2023
phonenumber panics on parsing crafted RFC3966 inputs
High
CVE-2023-42444
was published
for
phonenumber
(Rust)
Sep 21, 2023
blurhash panics on parsing crafted inputs
High
CVE-2023-42447
was published
for
blurhash
(Rust)
Sep 21, 2023
Denial-of-service (DoS) vulnerability due to improper validation of specified type of input issue...
High
Unreviewed
CVE-2023-38744
was published
Aug 3, 2023
jcvi vulnerable to Configuration Injection due to unsanitized user input
High
CVE-2023-35932
was published
for
jcvi
(pip)
Jun 23, 2023
The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers.
High
Unreviewed
CVE-2023-34188
was published
Jun 23, 2023
A denial of service attack might be launched against the server if an unusually lengthy password ...
High
Unreviewed
CVE-2023-30082
was published
Jun 14, 2023
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the...
High
Unreviewed
CVE-2022-4904
was published
Mar 7, 2023
For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling...
High
Unreviewed
CVE-2021-28510
was published
Jan 26, 2023
The demon image annotation plugin for WordPress is vulnerable to improper input validation in...
High
Unreviewed
CVE-2022-4171
was published
Dec 13, 2022
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1),...
High
Unreviewed
CVE-2021-44693
was published
Dec 13, 2022
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series...
High
Unreviewed
CVE-2022-20690
was published
Dec 12, 2022
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series...
High
Unreviewed
CVE-2022-20689
was published
Dec 12, 2022
conduit-hyper vulnerable to Denial of Service from unchecked request length
High
CVE-2022-39294
was published
for
conduit-hyper
(Rust)
Oct 31, 2022
parse-server crashes when receiving file download request with invalid byte range
High
CVE-2022-39313
was published
for
parse-server
(npm)
Oct 18, 2022
linked_list_allocator vulnerable to out-of-bound writes on `Heap` initialization and `Heap::extend`
High
CVE-2022-36086
was published
for
linked_list_allocator
(Rust)
Sep 16, 2022
ProTip!
Advisories are also available from the
GraphQL API