GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
13 advisories
Open Redirect in Caddy
Moderate: CVE-2022-28923 was published for github.com/caddyserver/caddy/v2 (Go), Feb 7, 2023

usememos/memos Cross-Site Request Forgery vulnerability
Moderate: CVE-2022-4849 was published for github.com/usememos/memos (Go), Dec 29, 2022

Exposure of Sensitive Information in Jenkins Kubernetes Plugin
Moderate: CVE-2018-1000187 was published for org.csanchez.jenkins.plugins:kubernetes (Maven), May 14, 2022

Insecure temporary file usage in SWHKD
Critical: CVE-2022-27818 was published for Simple-Wayland-HotKey-Daemon (Rust), Apr 8, 2022

Unsafe parsing in SWHKD
Moderate: CVE-2022-27819 was published for Simple-Wayland-HotKey-Daemon (Rust), Apr 8, 2022

Allocation of Resources Without Limits or Throttling in Spring Framework
Moderate: CVE-2022-22950 was published for org.springframework:spring-expression (Maven), Apr 3, 2022

Use of Uninitialized Resource in flumedb.
Critical: CVE-2021-45684 was published for flumedb (Rust), Jan 6, 2022

Use of Uninitialized Resource in csv-sniffer.
Critical: CVE-2021-45686 was published for csv-sniffer (Rust), Jan 6, 2022

Uncontrolled Resource Consumption in strapi
Moderate: CVE-2020-8123 was published for strapi-admin (npm), Dec 10, 2021

Tarslip in go-unarr
Critical: CVE-2021-38197 was published for github.com/gen2brain/go-unarr (Go), Sep 1, 2021
ProTip! Advisories are also available from the GraphQL API