Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

144 advisories

Loading
A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and... Moderate Unreviewed
CVE-2024-20506 was published Sep 5, 2024
Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2 fail to... Moderate Unreviewed
CVE-2024-42411 was published Aug 22, 2024
Improper conditions check in Linux kernel mode driver for some Intel(R) Ethernet Network... Moderate Unreviewed
CVE-2024-21806 was published Aug 14, 2024
A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an... Moderate Unreviewed
CVE-2024-7006 was published Aug 12, 2024
Mattermost allows a remote actor to permanently delete local data by abusing dangerous error handling Moderate
CVE-2024-39832 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 1, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd)... Moderate Unreviewed
CVE-2024-39561 was published Jul 11, 2024
In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error... Moderate Unreviewed
CVE-2024-36481 was published Jun 21, 2024
Tor path lengths too short when "full Vanguards" configured Moderate
CVE-2024-35313 was published for arti (Rust) May 18, 2024
Mattermost crashes web clients via a malformed custom status Moderate
CVE-2024-4182 was published for github.com/mattermost/mattermost-server (Go) Apr 26, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address... Moderate Unreviewed
CVE-2024-30402 was published Apr 12, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding... Moderate Unreviewed
CVE-2024-30384 was published Apr 12, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of... Moderate Unreviewed
CVE-2024-30409 was published Apr 12, 2024
In pq, there is a possible write-what-where condition due to an incorrect bounds check. This... Moderate Unreviewed
CVE-2024-20037 was published Mar 4, 2024
In the Linux kernel, the following vulnerability has been resolved: ARM: footbridge: fix PCI... Moderate Unreviewed
CVE-2021-46909 was published Feb 27, 2024
Malformed S2 Nonce Get Command Class packets can be sent to crash PC Controller v5.54.0 and... Moderate Unreviewed
CVE-2023-6640 was published Feb 21, 2024
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in... Moderate Unreviewed
CVE-2023-52429 was published Feb 12, 2024
create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to... Moderate Unreviewed
CVE-2024-25739 was published Feb 12, 2024
moby docker daemon crash during image pull of malicious image Moderate
CVE-2021-21285 was published for github.com/moby/moby (Go) Jan 31, 2024
bgeesaman joshlarsen
IanColdwater mauilion raesene cpuguy83 neersighted
BuildKit vulnerable to possible panic when incorrect parameters sent from frontend Moderate
CVE-2024-23650 was published for github.com/moby/buildkit (Go) Jan 31, 2024
cpuguy83
Vyper's raw_call `value=` kwargs not disabled for static and delegate calls Moderate
CVE-2024-24567 was published for vyper (pip) Jan 30, 2024
cyberthirst pcaversaccio
kuroi8 0xdeadbeef0x
Vulnerability of improper checking for unusual or exceptional conditions in Lamassu Bitcoin ATM... Moderate Unreviewed
CVE-2024-0675 was published Jan 30, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper... Moderate Unreviewed
CVE-2024-21603 was published Jan 12, 2024
The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2023-6742 was published Jan 11, 2024
A denial of service vulnerability exists in all Silicon Labs Z-Wave controller and endpoint... Moderate Unreviewed
CVE-2023-5310 was published Dec 15, 2023
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected... Moderate Unreviewed
CVE-2023-48431 was published Dec 12, 2023
ProTip! Advisories are also available from the GraphQL API