Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

16 advisories

Loading
Privilege Escalation in Hibernate Validator High
CVE-2017-7536 was published for org.hibernate:hibernate-validator (Maven) Jun 15, 2020
JesseEstum
Use of Externally-Controlled Input to Select Classes or Code in Infinispan High
CVE-2019-10174 was published for org.infinispan:infinispan-core (Maven) May 24, 2022
In MtkEmail, there is a possible escalation of privilege due to fragment injection. This could... High Unreviewed
CVE-2022-26469 was published Sep 7, 2022
On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated administrative users execute commands... High Unreviewed
CVE-2018-5511 was published May 13, 2022
An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to... High Unreviewed
CVE-2024-0200 was published Jan 16, 2024
It was found that the fix for CVE-2014-0114 had been reverted in JBoss Operations Network 3 (JON)... High Unreviewed
CVE-2019-3834 was published May 24, 2022
Sitecore Experience Platform (XP) v9.3 was discovered to contain an authenticated remote code... High Unreviewed
CVE-2023-33652 was published Jun 6, 2023
The YouTube Embedded 1.2 SDK binds to a service within the YouTube Main App. After binding, a... High Unreviewed
CVE-2023-0460 was published Jul 6, 2023
IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p3, IdentityIQ 8.2 and all 8.2 patch levels... High Unreviewed
CVE-2023-32217 was published Jul 6, 2023
avo possible unsafe reflection / partial DoS vulnerability High
CVE-2023-34102 was published for avo (RubyGems) Jun 6, 2023
FLX-0x00
In Progress® Telerik® Reporting versions prior to 18.1.24.709, a code execution attack is... High Unreviewed
CVE-2024-6096 was published Jul 24, 2024
Unsafe Reflection in base Component class in yiisoft/yii2 High
CVE-2024-4990 was published for yiisoft/yii2 (Composer) Jun 2, 2024
zonia3000 mtangoo
iBotPeaches rob006
StimulusReflex arbitrary method call High
CVE-2024-28121 was published for stimulus_reflex (RubyGems) Mar 12, 2024
FelixMartel marcoroth
matt-phylum
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is... High Unreviewed
CVE-2024-8048 was published Oct 9, 2024
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is... High Unreviewed
CVE-2024-8014 was published Oct 9, 2024
A high-severity vulnerability that can lead to arbitrary code execution on the system hosting the... High Unreviewed
CVE-2024-7059 was published Nov 5, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database