Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,984
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

415 advisories

Loading
Apache Struts vulnerable to remote arbitrary command execution due to improper input validation Critical
CVE-2017-5638 was published for org.apache.struts:struts2-core (Maven) Oct 18, 2018
sunSUNQ
Apache CXF TLS hostname verification does not work correctly with com.sun.net.ssl.* High
CVE-2018-8039 was published for org.apache.cxf:apache-cxf (Maven) Oct 19, 2018
sunSUNQ
Denial of Service in axios High
CVE-2019-10742 was published for axios (npm) May 29, 2019
tdunlap607
Improper Handling of Exceptional Conditions and Origin Validation Error in Eclipse Paho Java client library Moderate
CVE-2019-11777 was published for org.eclipse.paho:org.eclipse.paho.client.mqttv3 (Maven) Sep 17, 2019
ecdsa Denial of Service vulnerability in signature verification and signature malleability High
CVE-2019-14853 was published for ecdsa (pip) Oct 8, 2019
Improper Check for Unusual or Exceptional Conditions in Connect2id Nimbus JOSE+JWT Critical
CVE-2019-17195 was published for com.nimbusds:nimbus-jose-jwt (Maven) Oct 16, 2019
Jetty vulnerable to incorrect handling of invalid large TLS frame, exhausting CPU resources High
CVE-2021-28165 was published for org.eclipse.jetty:jetty-server (Maven) Apr 6, 2021
Denial of Service (DoS) in restify-paginate High
CVE-2020-27543 was published for restify-paginate (npm) Apr 12, 2021
Improper exception handling in Aedes High
CVE-2020-13410 was published for aedes (npm) May 6, 2021
Authorization bypass in github.com/dgrijalva/jwt-go High
CVE-2020-26160 was published for github.com/dgrijalva/jwt-go (Go) May 18, 2021
Crash in `tf.strings.substr` due to `CHECK`-fail Low
CVE-2021-29617 was published for tensorflow (pip) May 21, 2021
Crash in `tf.transpose` with complex inputs Low
CVE-2021-29618 was published for tensorflow (pip) May 21, 2021
Segfault in `tf.raw_ops.SparseCountSparseOutput` Low
CVE-2021-29619 was published for tensorflow (pip) May 21, 2021
github.com/nats-io/nats-server Import token permissions checking not enforced High
GHSA-j756-f273-xhp4 was published for github.com/nats-io/nats-server/v2 (Go) May 21, 2021
Ory fosite contains Improper Handling of Exceptional Conditions High
CVE-2020-15223 was published for github.com/ory/fosite (Go) May 24, 2021
jclebreton
MinIO Admin API security issue High Unreviewed
CVE-2020-11012 was published May 24, 2021
vadmeste aead
Improper Handling of Exceptional Conditions in Apache Tomcat High
CVE-2021-30639 was published for org.apache.tomcat:tomcat (Maven) Aug 13, 2021
Improper Handling of Exceptional Conditions in detect-character-encoding High
CVE-2021-39157 was published for detect-character-encoding (npm) Aug 25, 2021
Parse Server crashes with query parameter High
CVE-2021-39187 was published for parse-server (npm) Sep 2, 2021
mstniy
Uncontrolled Resource Consumption in transpile Moderate
CVE-2021-23429 was published for transpile (npm) Sep 2, 2021
Exposure of Sensitive Information in keycloak Moderate
CVE-2020-1744 was published for org.keycloak:keycloak-core (Maven) Sep 20, 2021
In apusys, there is a possible memory corruption due to incorrect error handling. This could lead... High Unreviewed
CVE-2021-0668 was published Nov 19, 2021
Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote... High Unreviewed
CVE-2021-38003 was published Nov 24, 2021
An unauthenticated attacker is able to send a special HTTP request, that causes a service to... High Unreviewed
CVE-2021-23859 was published Dec 9, 2021
There is an Exception log vulnerability in Huawei Smartphone.Successful exploitation of this... High Unreviewed
CVE-2021-37052 was published Dec 9, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database