Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

35 advisories

Loading
ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps... Critical Unreviewed
CVE-2024-44083 was published Aug 19, 2024
The Mirai botnet through 2024-08-19 mishandles simultaneous TCP connections to the CNC (command... Critical Unreviewed
CVE-2024-45163 was published Aug 22, 2024
An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input... Critical Unreviewed
CVE-2024-45166 was published Aug 22, 2024
Samly access control vulnerability Critical
CVE-2024-25718 was published for Samly (Erlang) Feb 11, 2024
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in... Critical Unreviewed
CVE-2024-23265 was published Mar 8, 2024
Remote code injection in Log4j Critical
CVE-2021-44228 was published for com.guicedee.services:log4j-core (Maven) Dec 10, 2021
In the Linux kernel, the following vulnerability has been resolved: clk: bcm: dvp: Assign ->num... Critical Unreviewed
CVE-2024-39462 was published Jun 25, 2024
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix... Critical Unreviewed
CVE-2022-48716 was published Jun 20, 2024
A denial of service vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior.... Critical Unreviewed
CVE-2024-4549 was published May 6, 2024
Vulnerability discovered is related to the peer-to-peer (p2p) communications, attackers can craft... Critical Unreviewed
CVE-2023-30769 was published Apr 17, 2023
Resource allocation error while playing the video whose dimensions are more than supported... Critical Unreviewed
CVE-2019-2259 was published May 24, 2022
Index of array is processed in a wrong way inside a while loop and result in invalid index (-1 or... Critical Unreviewed
CVE-2018-11936 was published May 24, 2022
Through the exploitation of active user sessions, an attacker could send custom requests to... Critical Unreviewed
CVE-2023-50707 was published Dec 20, 2023
JSONUtil vulnerable to stack exhaustion Critical
CVE-2023-34615 was published for net.pwall.json:jsonutil (Maven) Jun 14, 2023
Prototype Pollution in asciitable.js Critical
CVE-2020-7771 was published for asciitable.js (npm) Apr 13, 2021
tdunlap607
Prototype Pollution in defaults-deep Critical
CVE-2018-16486 was published for defaults-deep (npm) Feb 7, 2019
Denial of Service in memjs Critical
CVE-2018-3767 was published for memjs (npm) Oct 10, 2018
Prototype Pollution in node.extend Critical
CVE-2018-16491 was published for node.extend (npm) Feb 7, 2019
Prototype Pollution in just-extend Critical
CVE-2018-16489 was published for just-extend (npm) Feb 7, 2019
ecnepsnai/web vulnerable to Uncontrolled Resource Consumption Critical
CVE-2021-4236 was published for github.com/ecnepsnai/web (Go) Dec 28, 2022
bson is vulnerable to denial of service due to incorrect regex validation Critical
CVE-2015-4412 was published for bson (RubyGems) Mar 5, 2018
Prototype pollution in dotty Critical
CVE-2021-25912 was published for dotty (npm) Feb 5, 2021
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5... Critical Unreviewed
CVE-2023-28507 was published Mar 29, 2023
Server-Side Request Forgery and Uncontrolled Resource Consumption in LemMinX Critical
CVE-2022-0671 was published for org.eclipse.lemminx:lemminx-parent (Maven) Feb 19, 2022
There is an Uncontrolled resource consumption vulnerability in the display module in smartphones.... Critical Unreviewed
CVE-2021-40011 was published Jan 11, 2022
ProTip! Advisories are also available from the GraphQL API