GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
20 advisories
Filter by severity
check-jsonschema default caching for remote schemas allows for cache confusion
Moderate
CVE-2024-53848
was published
for
check-jsonschema
(pip)
Dec 2, 2024
Artifact poisoning vulnerability in action-download-artifact v5 and earlier
High
GHSA-5xr6-xhww-33m4
was published
for
dawidd6/action-download-artifact
(GitHub Actions)
Nov 25, 2024
In JetBrains WebStorm before 2024.3 code execution in Untrusted Project mode was possible via...
Moderate
Unreviewed
CVE-2024-52555
was published
Nov 15, 2024
The pagination class includes arbitrary parameters in links, leading to cache poisoning attack...
Moderate
Unreviewed
CVE-2024-27185
was published
Aug 20, 2024
aiosmtpd STARTTLS unencrypted commands injection
Moderate
CVE-2024-34083
was published
for
aiosmtpd
(pip)
May 20, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Low
Unreviewed
CVE-2024-21094
was published
Apr 17, 2024
Argument injection in websphere_mq agent plugin in Checkmk 2.0.0, 2.1.0, <2.2.0p25 and <2.3.0b5...
Moderate
Unreviewed
CVE-2024-3367
was published
Apr 16, 2024
In JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode...
Moderate
Unreviewed
CVE-2023-51655
was published
Dec 21, 2023
A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE...
High
Unreviewed
CVE-2023-44317
was published
Nov 14, 2023
Moodle Acceptance of Extraneous Untrusted Data With Trusted Data vulnerability
Moderate
CVE-2023-5548
was published
for
moodle/moodle
(Composer)
Nov 9, 2023
AsyncSSH Rogue Extension Negotiation
Moderate
CVE-2023-46445
was published
for
asyncssh
(pip)
Nov 9, 2023
A local user could edit the VideoEdge configuration file and interfere with VideoEdge operation.
Moderate
Unreviewed
CVE-2023-3749
was published
Aug 3, 2023
A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where...
Low
Unreviewed
CVE-2020-10751
was published
May 24, 2022
A vulnerability exists in the way that iTerm2 integrates with tmux's control mode, which may...
Critical
Unreviewed
CVE-2019-9535
was published
May 24, 2022
Django Vulnerable to Cache Poisoning
Critical
CVE-2014-1418
was published
for
Django
(pip)
May 17, 2022
Symfony HTTP Foundation web cache poisoning
Moderate
CVE-2018-14773
was published
for
symfony/http-foundation
(Composer)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API