GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
7,399 advisories
XNIO denial of service vulnerability
High
CVE-2023-5685
was published
for
org.jboss.xnio:xnio-api
(Maven)
Mar 22, 2024
DotNetZip Directory Traversal vulnerability
High
CVE-2024-48510
was published
for
DotNetZip
(NuGet)
Nov 13, 2024
Keycloak mTLS Authentication Bypass via Reverse Proxy TLS Termination
High
CVE-2024-10039
was published
for
org.keycloak:keycloak-core
(Maven)
Nov 25, 2024
Twisted SSH client and server deny of service during SSH handshake.
High
CVE-2022-21716
was published
for
twisted
(pip)
Mar 3, 2022
Cookie and header exposure in twisted
High
CVE-2022-21712
was published
for
Twisted
(pip)
Feb 7, 2022
Withdrawn Advisory: Lunary Improper Authentication vulnerability
High
CVE-2024-6582
was published
for
lunary
(npm)
Sep 13, 2024
•
withdrawn
Apache Airflow vulnerable to Improper Encoding or Escaping of Output
High
CVE-2024-45498
was published
for
apache-airflow
(pip)
Sep 7, 2024
Artifact poisoning vulnerability in action-download-artifact v5 and earlier
High
GHSA-5xr6-xhww-33m4
was published
for
dawidd6/action-download-artifact
(GitHub Actions)
Nov 25, 2024
Litestar allows unbounded resource consumption (DoS vulnerability)
High
CVE-2024-52581
was published
for
litestar
(pip)
Nov 20, 2024
github.com/containers/image allows unexpected authenticated registry accesses
High
CVE-2024-3727
was published
for
github.com/containers/image
(Go)
May 14, 2024
Tornado has an HTTP cookie parsing DoS vulnerability
High
CVE-2024-52804
was published
for
tornado
(pip)
Nov 22, 2024
ProTip!
Advisories are also available from the
GraphQL API