GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
48 advisories
Filter by severity
When curl is asked to use HSTS, the expiry time for a subdomain might
overwrite a parent domain's...
Moderate
Unreviewed
CVE-2024-9681
was published
Nov 6, 2024
An Incorrect Comparison vulnerability in the local address verification API of Juniper Networks...
Moderate
Unreviewed
CVE-2024-39534
was published
Oct 11, 2024
The WP Hardening – Fix Your WordPress Security plugin for WordPress is vulnerable to Security...
Moderate
Unreviewed
CVE-2024-6641
was published
Sep 18, 2024
Alpine allows Authentication Filter bypass
Moderate
CVE-2022-23554
was published
for
us.springett:alpine
(Maven)
Aug 5, 2024
Under certain circumstances the ExacqVision Web Services does not provide sufficient protection...
Moderate
Unreviewed
CVE-2024-32862
was published
Aug 2, 2024
A potential attacker with access to the Westermo Lynx device would be able to execute...
Moderate
Unreviewed
CVE-2023-45213
was published
Feb 7, 2024
IBM PowerSC 1.3, 2.0, and 2.1 uses Cross-Origin Resource Sharing (CORS) which could allow an...
Moderate
Unreviewed
CVE-2023-50940
was published
Feb 2, 2024
Espeak-ng 1.52-dev was discovered to contain a Floating Point Exception via the function...
Moderate
Unreviewed
CVE-2023-49994
was published
Dec 12, 2023
gnark unsoundness in variable comparison / non-unique binary decomposition
Moderate
CVE-2023-44378
was published
for
github.com/consensys/gnark
(Go)
Oct 4, 2023
MultiBit HD before 0.1.2 allows attackers to conduct bit-flipping attacks that insert unspendable...
Moderate
Unreviewed
CVE-2015-6964
was published
Sep 25, 2023
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed...
Moderate
Unreviewed
CVE-2023-23766
was published
Sep 22, 2023
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed...
Moderate
Unreviewed
CVE-2023-23765
was published
Aug 31, 2023
Apache NiFi Insufficient Property Validation vulnerability
Moderate
CVE-2023-40037
was published
for
org.apache.nifi:nifi-dbcp-base
(Maven)
Aug 19, 2023
A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at...
Moderate
Unreviewed
CVE-2023-26590
was published
Jul 10, 2023
A floating point exception vulnerability was found in sox, in the read_samples function at sox...
Moderate
Unreviewed
CVE-2023-32627
was published
Jul 10, 2023
Apache OpenMeetings insufficient authorization vulnerability
Moderate
CVE-2023-28936
was published
for
org.apache.openmeetings:openmeetings-db
(Maven)
Jul 6, 2023
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed...
Moderate
Unreviewed
CVE-2023-23762
was published
Jul 6, 2023
An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of paths installed by...
Moderate
Unreviewed
CVE-2022-29944
was published
Apr 20, 2023
An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of flow rules installed...
Moderate
Unreviewed
CVE-2021-38364
was published
Apr 20, 2023
Dell SupportAssist for Home PCs (version 3.11.2 and prior) contain Overly Permissive Cross-domain...
Moderate
Unreviewed
CVE-2022-34366
was published
Feb 10, 2023
The Remote Mount feature can potentially be abused by valid, authenticated users to make...
Moderate
Unreviewed
CVE-2022-34888
was published
Jan 31, 2023
Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804.
Moderate
Unreviewed
CVE-2022-4293
was published
Dec 5, 2022
Dell Wyse ThinOS 2205 contains a Regular Expression Denial of Service Vulnerability in UI. An...
Moderate
Unreviewed
CVE-2022-34402
was published
Oct 11, 2022
SWFTools commit 772e55a2 was discovered to contain a floating point exception (FPE) via DCTStream...
Moderate
Unreviewed
CVE-2022-35091
was published
Sep 25, 2022
ProTip!
Advisories are also available from the
GraphQL API