GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
10,644 advisories
Validity check missing in Frontier
Moderate | CVE-2021-41138 was published for pallet-ethereum (Rust) | Oct 13, 2021

PyOpenSSL Mishandles NUL Byte In Certificate Subject Alternative Name
High | CVE-2013-4314 was published for pyOpenSSL (pip) | May 17, 2022

In mintplex-labs/anything-llm, a vulnerability exists in the thread update process that allows...
High | Unreviewed | CVE-2024-3150 was published | Jun 6, 2024

Transaction validity oversight in pallet-ethereum
Moderate | CVE-2021-39193 was published for pallet-ethereum (Rust) | Sep 1, 2021

Apache Syncope: Stored XSS in Console and Enduser
Moderate | CVE-2024-45031 was published for org.apache.syncope.client:syncope-client-console (Maven) | Oct 24, 2024

Improper input validation in some Intel(R) SGX DCAP software for Windows before version 1.19.100...
Moderate | Unreviewed | CVE-2023-42776 was published | Oct 24, 2024

A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance (ASA)...
High | Unreviewed | CVE-2024-20495 was published | Oct 23, 2024

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center ...
Moderate | Unreviewed | CVE-2024-20274 was published | Oct 23, 2024

Interactive Forms (IAF) in GX Software XperienCentral versions 10.33.1 until 10.35.0 was...
High | Unreviewed | CVE-2022-43713 was published | Jul 26, 2023

Improper input validation in pyftpdlib
Moderate | CVE-2008-7264 was published for pyftpdlib (pip) | May 17, 2022

Suricata before 1.4.6 allows remote attackers to cause a denial of service (crash) via a...
Moderate | Unreviewed | CVE-2013-5919 was published | May 14, 2022

SaltStack Salt Denial of Service via a crafted authentication request
High | CVE-2017-14696 was published for salt (pip) | May 17, 2022

SaltStack Salt Improper Validation of eauth credentials and tokens in salt-netapi
Critical | CVE-2020-25592 was published for salt (pip) | May 24, 2022

Python RSA allows attackers to spoof signatures
Moderate | CVE-2016-1494 was published for rsa (pip) | May 14, 2022

Improper Input Validation in pyftpdlib
High | CVE-2007-6739 was published for pyftpdlib (pip) | May 1, 2022

Policies not properly enforced in bluemonday
High | CVE-2021-42576 was published for github.com/microcosm-cc/bluemonday (Go) | Oct 19, 2021

A vulnerability can occur when capturing a media stream when the media source type is changed as...
Critical | Unreviewed | CVE-2018-5156 was published | May 14, 2022

Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on...
High | Unreviewed | CVE-2016-5284 was published | May 14, 2022

The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and...
High | Unreviewed | CVE-2016-5272 was published | May 14, 2022

Improper input validation for some Intel NUC BIOS firmware before version JY0070 may allow a...
High | Unreviewed | CVE-2023-28738 was published | Jan 19, 2024

Given a compromised sandboxed content process due to a separate vulnerability, it is possible to...
Moderate | Unreviewed | CVE-2019-9812 was published | May 24, 2022

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could...
Moderate | Unreviewed | CVE-2023-47746 was published | Jan 22, 2024

privacyIDEA Improper Input Validation vulnerability
High | CVE-2018-1000809 was published for privacyIDEA (pip) | Jan 14, 2019