Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

23 advisories

Loading
IBM MQ Operator 3.2.2 and IBM MQ Operator 2.0.24 could allow a user to bypass authentication... High Unreviewed
CVE-2024-39742 was published Jul 8, 2024
The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6... High Unreviewed
CVE-2024-4032 was published Jun 17, 2024
gifsicle-1.94 was found to have a floating point exception (FPE) vulnerability via resize_stream... High Unreviewed
CVE-2023-46009 was published Oct 18, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This... High Unreviewed
CVE-2023-23840 was published Sep 14, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This... High Unreviewed
CVE-2023-23845 was published Sep 14, 2023
In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator... High Unreviewed
CVE-2023-40271 was published Sep 8, 2023
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed... High Unreviewed
CVE-2023-23764 was published Jul 27, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This... High Unreviewed
CVE-2023-33225 was published Jul 26, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This... High Unreviewed
CVE-2023-23844 was published Jul 26, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This... High Unreviewed
CVE-2023-23843 was published Jul 26, 2023
Experion server may experience a DoS due to a stack overflow when handling a specially crafted... High Unreviewed
CVE-2023-22435 was published Jul 13, 2023
This vulnerability allows network-adjacent attackers to bypass authentication on affected... High Unreviewed
CVE-2022-27645 was published Mar 29, 2023
This vulnerability allows network-adjacent attackers to bypass authentication on affected... High Unreviewed
CVE-2022-43621 was published Mar 29, 2023
In JetBrains YouTrack before 2021.2.16363, time-unsafe comparisons were used. High Unreviewed
CVE-2021-37550 was published May 24, 2022
chatwoot is vulnerable to Inefficient Regular Expression Complexity High Unreviewed
CVE-2021-3649 was published May 24, 2022
A denial-of-service vulnerability exists in the traffic-logging functionality of FreyrSCADA IEC... High Unreviewed
CVE-2020-13559 was published May 24, 2022
An unauthenticated client can trigger denial of service by issuing specially crafted wire... High Unreviewed
CVE-2019-20925 was published May 24, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected... High Unreviewed
CVE-2020-8864 was published May 24, 2022
Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1... High Unreviewed
CVE-2016-10003 was published May 17, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected... High Unreviewed
CVE-2021-34865 was published Jan 26, 2022
A limited authentication bypass vulnerability was discovered that could allow an attacker to... High Unreviewed
CVE-2022-22990 was published Jan 14, 2022
An issue was discovered in split_region in uc.c in Unicorn Engine before 2.0.0-rc5. It allows... High Unreviewed
CVE-2021-44078 was published Dec 27, 2021
An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an... High Unreviewed
CVE-2021-23146 was published Nov 19, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database