GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,998
Maven
5,000+
npm
3,710
NuGet
661
pip
3,364
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
25 advisories
Filter by severity
An authenticated user can provide a malformed ACL to the fileserver's StoreACL
RPC, causing the...
High
Unreviewed
CVE-2024-10396
was published
Nov 14, 2024
Eclipse Jetty URI parsing of invalid authority
Moderate
CVE-2024-6763
was published
for
org.eclipse.jetty:jetty-http
(Maven)
Oct 14, 2024
Denial of Service in TYPO3 Bookmark Toolbar
Low
CVE-2024-34537
was published
for
typo3/cms-backend
(Composer)
Oct 8, 2024
51l3nc3, member of the AXIS OS Bug Bounty Program, has found that a Guard Tour VAPIX API...
Moderate
Unreviewed
CVE-2024-6173
was published
Sep 10, 2024
An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding...
High
Unreviewed
CVE-2024-39542
was published
Jul 11, 2024
An issue in FinalWire AIRDA Extreme, AIDA64 Engineer, AIDA64 Business, AIDA64 Network Audit v.7...
High
Unreviewed
CVE-2024-26507
was published
Jun 10, 2024
An Improper Validation of Syntactic Correctness of Input vulnerability in the Routing Protocol...
High
Unreviewed
CVE-2024-21598
was published
Apr 12, 2024
A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS...
High
Unreviewed
CVE-2024-3384
was published
Apr 10, 2024
A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian, caused by improper input...
High
Unreviewed
CVE-2024-0218
was published
Apr 10, 2024
** DISPUTED ** An Improper Input Validation vulnerability affecting the FTP service running on...
Low
Unreviewed
CVE-2023-6950
was published
Apr 2, 2024
Express.js Open Redirect in malformed URLs
Moderate
CVE-2024-29041
was published
for
express
(npm)
Mar 25, 2024
An Improper Validation of Syntactic Correctness of Input vulnerability in Packet Forwarding...
High
Unreviewed
CVE-2024-21616
was published
Jan 12, 2024
An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding...
High
Unreviewed
CVE-2024-21595
was published
Jan 12, 2024
An Improper Validation of Syntactic Correctness of Input vulnerability in Routing Protocol...
Moderate
Unreviewed
CVE-2023-44204
was published
Oct 13, 2023
A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian and CMC, due to improper...
High
Unreviewed
CVE-2023-32649
was published
Sep 19, 2023
A partial DoS vulnerability has been detected in the Reports section, exploitable by a malicious...
Moderate
Unreviewed
CVE-2023-24015
was published
Aug 9, 2023
An authenticated administrator can upload a SAML configuration file with the wrong format, with...
Moderate
Unreviewed
CVE-2023-23903
was published
Aug 9, 2023
Knud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network...
Moderate
Unreviewed
CVE-2023-21405
was published
Jul 25, 2023
An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection and...
High
Unreviewed
CVE-2023-28985
was published
Jul 14, 2023
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1),...
High
Unreviewed
CVE-2021-44695
was published
Dec 13, 2022
protobuf-cpp and protobuf-python have potential Denial of Service issue
High
CVE-2022-1941
was published
for
protobuf
(pip)
Sep 23, 2022
A user controlled parameter related to SMTP test functionality is not correctly validated making...
High
Unreviewed
CVE-2021-31988
was published
May 24, 2022
A user controlled parameter related to SMTP test functionality is not correctly validated making...
High
Unreviewed
CVE-2021-31987
was published
May 24, 2022
Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point...
Low
Unreviewed
CVE-2020-16220
was published
May 24, 2022
An Improper Validation of Syntactic Correctness of Input vulnerability in the Juniper DHCP daemon...
Moderate
Unreviewed
CVE-2022-22176
was published
Jan 20, 2022
ProTip!
Advisories are also available from the
GraphQL API