GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,190
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,702
NuGet
656
pip
3,326
Pub
11
RubyGems
883
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
206 advisories
Filter by severity
Apache CXF TLS hostname verification does not work correctly with com.sun.net.ssl.*
High
CVE-2018-8039
was published
for
org.apache.cxf:apache-cxf
(Maven)
Oct 19, 2018
ecdsa Denial of Service vulnerability in signature verification and signature malleability
High
CVE-2019-14853
was published
for
ecdsa
(pip)
Oct 8, 2019
Jetty vulnerable to incorrect handling of invalid large TLS frame, exhausting CPU resources
High
CVE-2021-28165
was published
for
org.eclipse.jetty:jetty-server
(Maven)
Apr 6, 2021
Denial of Service (DoS) in restify-paginate
High
CVE-2020-27543
was published
for
restify-paginate
(npm)
Apr 12, 2021
Authorization bypass in github.com/dgrijalva/jwt-go
High
CVE-2020-26160
was published
for
github.com/dgrijalva/jwt-go
(Go)
May 18, 2021
github.com/nats-io/nats-server Import token permissions checking not enforced
High
GHSA-j756-f273-xhp4
was published
for
github.com/nats-io/nats-server/v2
(Go)
May 21, 2021
Ory fosite contains Improper Handling of Exceptional Conditions
High
CVE-2020-15223
was published
for
github.com/ory/fosite
(Go)
May 24, 2021
Improper Handling of Exceptional Conditions in Apache Tomcat
High
CVE-2021-30639
was published
for
org.apache.tomcat:tomcat
(Maven)
Aug 13, 2021
Improper Handling of Exceptional Conditions in detect-character-encoding
High
CVE-2021-39157
was published
for
detect-character-encoding
(npm)
Aug 25, 2021
Parse Server crashes with query parameter
High
CVE-2021-39187
was published
for
parse-server
(npm)
Sep 2, 2021
In apusys, there is a possible memory corruption due to incorrect error handling. This could lead...
High
Unreviewed
CVE-2021-0668
was published
Nov 19, 2021
Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote...
High
Unreviewed
CVE-2021-38003
was published
Nov 24, 2021
An unauthenticated attacker is able to send a special HTTP request, that causes a service to...
High
Unreviewed
CVE-2021-23859
was published
Dec 9, 2021
There is an Exception log vulnerability in Huawei Smartphone.Successful exploitation of this...
High
Unreviewed
CVE-2021-37052
was published
Dec 9, 2021
An improper check or handling of exceptional conditions in Exynos baseband prior to SMR Dec-2021...
High
Unreviewed
CVE-2021-25516
was published
Dec 9, 2021
Possible buffer overflow due to lack of range check while processing a DIAG command for COEX...
High
Unreviewed
CVE-2021-30289
was published
Jan 4, 2022
Improper access control in TrustZone due to improper error handling while handling the signing...
High
Unreviewed
CVE-2021-1894
was published
Jan 4, 2022
An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022...
High
Unreviewed
CVE-2022-22265
was published
Jan 11, 2022
A release of illegal memory vulnerability in the snmpd daemon of Juniper Networks Junos OS, Junos...
High
Unreviewed
CVE-2022-22177
was published
Jan 20, 2022
On BIG-IP AFM version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and...
High
Unreviewed
CVE-2022-23018
was published
Jan 26, 2022
ProTip!
Advisories are also available from the
GraphQL API