Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,190
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,702
NuGet
656
pip
3,326
Pub
11
RubyGems
883
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

18 advisories

Loading
loona-hpack Panic Vulnerability Moderate
CVE-2024-51502 was published for loona-hpack (Rust) Nov 4, 2024
Tonic has remotely exploitable denial of service vulnerability Moderate
CVE-2024-47609 was published for tonic (Rust) Oct 1, 2024
Malicious Matrix homeserver can leak truncated message content of messages it shouldn't have access to Moderate
CVE-2024-39691 was published for matrix-appservice-irc (npm) Jul 5, 2024
progval
Elasticsearch Improper Handling of Exceptional Conditions Moderate
CVE-2023-46673 was published for org.elasticsearch:elasticsearch (Maven) Nov 22, 2023
Apollo Router Unnamed "Subscription" operation results in Denial-of-Service Moderate
CVE-2023-41317 was published for apollo-router (Rust) Sep 7, 2023
nmoutschen abernix
o0Ignition0o BrynCooke peakematt jasonbarnett667 Geal
Improper random reading in CIRCL Moderate
CVE-2023-1732 was published for github.com/cloudflare/circl (Go) May 11, 2023
XWiki Platform vulnerable to page render failure due to broken translations Moderate
CVE-2023-29520 was published for org.xwiki.platform:xwiki-platform-localization-source-wiki (Maven) Apr 20, 2023
Comrak AST node data is not validated (GHSL-2023-049) Moderate
CVE-2023-28631 was published for comrak (Rust) Mar 28, 2023
darakian
Cilium eBPF filters may be temporarily removed during agent restart Moderate
CVE-2023-27595 was published for github.com/cilium/cilium (Go) Mar 17, 2023
ldelossa ti-mo
aanm
xwiki vulnerable to Improper Handling of Exceptional Conditions Moderate
CVE-2023-26479 was published for org.xwiki.platform:xwiki-platform-rendering-parser (Maven) Mar 3, 2023
nadesiko3 allows remote attacker to inject invalid value to decodeURIComponent of nako3edit Moderate
CVE-2022-41777 was published for nadesiko3 (npm) Dec 5, 2022
rdiffweb Missing Custom Error Page Moderate
CVE-2022-3175 was published for rdiffweb (pip) Sep 14, 2022
Directus vulnerable to unhandled exception on illegal filename_disk value Moderate
CVE-2022-36031 was published for directus (npm) Aug 30, 2022
wgorecki
Improper Handling of Exceptional Conditions inn metadata-extractor Moderate
CVE-2022-24613 was published for com.drewnoakes:metadata-extractor (Maven) Feb 25, 2022
ZGorlock
Uncaught Exception in zip4j Moderate
CVE-2022-24615 was published for net.lingala.zip4j:zip4j (Maven) Feb 25, 2022
srikanth-lingala
Exposure of Sensitive Information in keycloak Moderate
CVE-2020-1744 was published for org.keycloak:keycloak-core (Maven) Sep 20, 2021
Uncontrolled Resource Consumption in transpile Moderate
CVE-2021-23429 was published for transpile (npm) Sep 2, 2021
Improper Handling of Exceptional Conditions and Origin Validation Error in Eclipse Paho Java client library Moderate
CVE-2019-11777 was published for org.eclipse.paho:org.eclipse.paho.client.mqttv3 (Maven) Sep 17, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database