GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,333
Erlang: 31
GitHub Actions: 21
Go: 2,094
Maven: 5,000+
npm: 3,759
NuGet: 678
pip: 3,445
Pub: 12
RubyGems: 892
Rust: 882
Swift: 37
Unreviewed advisories
All unreviewed: 5,000+
11,339 advisories
In FillUi of FillUi.java, there is a possible way to view another user's images due to a confused...
Low | Unreviewed | CVE-2023-40138 was published Oct 27, 2023
Wasmtime vulnerable to panic when using a dropped extenref-typed element segment
Low | CVE-2024-30266 was published for wasmtime (Rust) Apr 2, 2024
NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where...
Low | Unreviewed | CVE-2024-0072 was published Apr 5, 2024
NVIDIA nvJPEG2000 Library for Windows and Linux contains a vulnerability where improper input...
Low | Unreviewed | CVE-2023-31028 was published Apr 5, 2024
NVIDIA nvTIFF Library for Windows and Linux contains a vulnerability where improper input...
Low | Unreviewed | CVE-2024-0080 was published Apr 5, 2024
NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where...
Low | Unreviewed | CVE-2024-0076 was published Apr 5, 2024
When curl is used to retrieve and parse cookies from a HTTP(S) server, it accepts cookies using...
Low | Unreviewed | CVE-2022-35252 was published Sep 25, 2022
CometBFT's default for `BlockParams.MaxBytes` consensus parameter may increase block times and affect consensus participation
Low | GHSA-hq58-p9mv-338c was published for github.com/cometbft/cometbft (Go) Sep 29, 2023
The get_parent_resource function in repos.c in mod_dav_svn Apache HTTPD server module in...
Low | Unreviewed | CVE-2013-4558 was published May 17, 2022
A vulnerability was found in QKSMS up to 3.9.4 on Android. It has been classified as problematic....
Low | Unreviewed | CVE-2024-3430 was published Apr 8, 2024
Xuxueli xxl-job template injection vulnerability
Low | CVE-2024-3366 was published for com.xuxueli:xxl-job-core (Maven) Apr 6, 2024
OpenStack Identity Keystone Privilege Escalation vulnerability
Low | CVE-2013-4477 was published for keystone (pip) May 17, 2022
Contao: Unencoded insert tags in the frontend
Low | CVE-2024-28191 was published for contao/core-bundle (Composer) Apr 9, 2024
Kopia: Storage connection credentials written to console on "repository status" CLI command with JSON output
Low | GHSA-j5vm-7qcc-2wwg was published for github.com/kopia/kopia (Go) Apr 10, 2024
Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup &...
Low | Unreviewed | CVE-2024-31254 was published Apr 10, 2024
A stored Cross-Site Scripting (XSS) vulnerability exists in the chat functionality of the...
Low | Unreviewed | CVE-2024-3570 was published Apr 10, 2024
Transformers Deserialization of Untrusted Data vulnerability
Low | CVE-2024-3568 was published for transformers (pip) Apr 10, 2024
A vulnerability was found in Totolink N200RE V5 9.3.5u.6255_B20211224. It has been classified as...
Low | Unreviewed | CVE-2024-0942 was published Jan 26, 2024
SpiceDB: LookupSubjects may return partial results if a specific kind of relation is used
Low | CVE-2024-32001 was published for github.com/authzed/spicedb (Go) Apr 10, 2024
atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel...
Low | Unreviewed | CVE-2019-17054 was published May 24, 2022
Improper access control vulnerability in PersonaManagerService prior to SMR Jul-2023 Release 1...
Low | Unreviewed | CVE-2023-30640 was published Jul 6, 2023
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A path traversal...
Low | Unreviewed | CVE-2023-27409 was published May 9, 2023
Vulnerability in the Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle...
Low | Unreviewed | CVE-2023-22051 was published Jul 18, 2023
An issue was discovered in the Arm Android Gralloc Module. A non-privileged user can read a small...
Low | Unreviewed | CVE-2023-22808 was published Apr 11, 2023
Sensitive information exposure vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows...
Low | Unreviewed | CVE-2023-30717 was published Sep 6, 2023
ProTip! Advisories are also available from the GraphQL API.