Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,201
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

47 advisories

Loading
An Incorrect Comparison vulnerability in the local address verification API of Juniper Networks... Moderate Unreviewed
CVE-2024-39534 was published Oct 11, 2024
The WP Hardening – Fix Your WordPress Security plugin for WordPress is vulnerable to Security... Moderate Unreviewed
CVE-2024-6641 was published Sep 18, 2024
Alpine allows Authentication Filter bypass Moderate
CVE-2022-23554 was published for us.springett:alpine (Maven) Aug 5, 2024
Under certain circumstances the ExacqVision Web Services does not provide sufficient protection... Moderate Unreviewed
CVE-2024-32862 was published Aug 2, 2024
A potential attacker with access to the Westermo Lynx device would be able to execute... Moderate Unreviewed
CVE-2023-45213 was published Feb 7, 2024
IBM PowerSC 1.3, 2.0, and 2.1 uses Cross-Origin Resource Sharing (CORS) which could allow an... Moderate Unreviewed
CVE-2023-50940 was published Feb 2, 2024
Espeak-ng 1.52-dev was discovered to contain a Floating Point Exception via the function... Moderate Unreviewed
CVE-2023-49994 was published Dec 12, 2023
gnark unsoundness in variable comparison / non-unique binary decomposition Moderate
CVE-2023-44378 was published for github.com/consensys/gnark (Go) Oct 4, 2023
kustosz
MultiBit HD before 0.1.2 allows attackers to conduct bit-flipping attacks that insert unspendable... Moderate Unreviewed
CVE-2015-6964 was published Sep 25, 2023
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed... Moderate Unreviewed
CVE-2023-23766 was published Sep 22, 2023
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed... Moderate Unreviewed
CVE-2023-23765 was published Aug 31, 2023
Apache NiFi Insufficient Property Validation vulnerability Moderate
CVE-2023-40037 was published for org.apache.nifi:nifi-dbcp-base (Maven) Aug 19, 2023
A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at... Moderate Unreviewed
CVE-2023-26590 was published Jul 10, 2023
A floating point exception vulnerability was found in sox, in the read_samples function at sox... Moderate Unreviewed
CVE-2023-32627 was published Jul 10, 2023
Sentry CORS misconfiguration Moderate
CVE-2023-36829 was published for sentry (pip) Jul 6, 2023
andr0idp4r4n0id
Apache OpenMeetings insufficient authorization vulnerability Moderate
CVE-2023-28936 was published for org.apache.openmeetings:openmeetings-db (Maven) Jul 6, 2023
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed... Moderate Unreviewed
CVE-2023-23762 was published Jul 6, 2023
An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of paths installed by... Moderate Unreviewed
CVE-2022-29944 was published Apr 20, 2023
An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of flow rules installed... Moderate Unreviewed
CVE-2021-38364 was published Apr 20, 2023
Dell SupportAssist for Home PCs (version 3.11.2 and prior) contain Overly Permissive Cross-domain... Moderate Unreviewed
CVE-2022-34366 was published Feb 10, 2023
The Remote Mount feature can potentially be abused by valid, authenticated users to make... Moderate Unreviewed
CVE-2022-34888 was published Jan 31, 2023
Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804. Moderate Unreviewed
CVE-2022-4293 was published Dec 5, 2022
Dell Wyse ThinOS 2205 contains a Regular Expression Denial of Service Vulnerability in UI. An... Moderate Unreviewed
CVE-2022-34402 was published Oct 11, 2022
SWFTools commit 772e55a2 was discovered to contain a floating point exception (FPE) via DCTStream... Moderate Unreviewed
CVE-2022-35091 was published Sep 25, 2022
uri-template-lite Regular Expression Denial of Service Moderate
CVE-2021-43309 was published for uri-template-lite (npm) Aug 25, 2022
marfoldi
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database