GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,998
Maven
5,000+
npm
3,710
NuGet
661
pip
3,364
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
13 advisories
Filter by severity
Pterodactyl Panel vulnerable to authentication bypass due to improper user-provided security token verification
High
CVE-2021-41129
was published
for
pterodactyl/panel
(Composer)
Oct 4, 2021
Sony Neural Network Libraries reliance on untrusted inputs prior to v1.0.10
Critical
CVE-2019-10844
was published
for
nnabla
(pip)
May 13, 2022
Cached redirect poisoning via X-Forwarded-Host header
High
CVE-2021-29479
was published
for
io.ratpack:ratpack-core
(Maven)
Jul 1, 2021
A Reliance on Untrusted Inputs in a Security Decision vulnerability in the login proxy of the...
High
Unreviewed
CVE-2021-36777
was published
Mar 10, 2022
A vulnerability in the input protection mechanisms of Cisco Firepower Management Center (FMC)...
Moderate
Unreviewed
CVE-2022-20744
was published
May 4, 2022
A reliance on untrusted inputs in a security decision could be exploited by a privileged user to...
Moderate
Unreviewed
CVE-2023-46686
was published
Dec 19, 2023
A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on...
High
Unreviewed
CVE-2023-0009
was published
Jun 14, 2023
A flaw in the TETRA authentication procecure allows a MITM adversary that can predict the MS...
Moderate
Unreviewed
CVE-2022-24400
was published
Oct 19, 2023
Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533...
High
Unreviewed
CVE-2024-7005
was published
Aug 6, 2024
Rancher Privilege escalation vulnerability via malicious "Connection" header
High
CVE-2021-31999
was published
for
github.com/rancher/rancher
(Go)
Apr 24, 2024
Malicious package may avoid detection in python auditing
Moderate
CVE-2020-5252
was published
for
safety
(pip)
Mar 24, 2020
This vulnerability exists in Aero due to improper implementation of OTP validation mechanism in...
Critical
Unreviewed
CVE-2024-51561
was published
Nov 4, 2024
Sinatra vulnerable to Reliance on Untrusted Inputs in a Security Decision
Moderate
CVE-2024-21510
was published
for
sinatra
(RubyGems)
Nov 1, 2024
ProTip!
Advisories are also available from the
GraphQL API