GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
19 advisories
Filter by severity
Cilium's Layer 7 policy enforcement may not occur in policies with wildcarded port ranges
Moderate
CVE-2024-52529
was published
for
github.com/cilium/cilium
(Go)
Nov 25, 2024
loona-hpack Panic Vulnerability
Moderate
CVE-2024-51502
was published
for
loona-hpack
(Rust)
Nov 4, 2024
Tonic has remotely exploitable denial of service vulnerability
Moderate
CVE-2024-47609
was published
for
tonic
(Rust)
Oct 1, 2024
Malicious Matrix homeserver can leak truncated message content of messages it shouldn't have access to
Moderate
CVE-2024-39691
was published
for
matrix-appservice-irc
(npm)
Jul 5, 2024
Elasticsearch Improper Handling of Exceptional Conditions
Moderate
CVE-2023-46673
was published
for
org.elasticsearch:elasticsearch
(Maven)
Nov 22, 2023
Apollo Router Unnamed "Subscription" operation results in Denial-of-Service
Moderate
CVE-2023-41317
was published
for
apollo-router
(Rust)
Sep 7, 2023
Improper random reading in CIRCL
Moderate
CVE-2023-1732
was published
for
github.com/cloudflare/circl
(Go)
May 11, 2023
XWiki Platform vulnerable to page render failure due to broken translations
Moderate
CVE-2023-29520
was published
for
org.xwiki.platform:xwiki-platform-localization-source-wiki
(Maven)
Apr 20, 2023
Comrak AST node data is not validated (GHSL-2023-049)
Moderate
CVE-2023-28631
was published
for
comrak
(Rust)
Mar 28, 2023
Cilium eBPF filters may be temporarily removed during agent restart
Moderate
CVE-2023-27595
was published
for
github.com/cilium/cilium
(Go)
Mar 17, 2023
xwiki vulnerable to Improper Handling of Exceptional Conditions
Moderate
CVE-2023-26479
was published
for
org.xwiki.platform:xwiki-platform-rendering-parser
(Maven)
Mar 3, 2023
nadesiko3 allows remote attacker to inject invalid value to decodeURIComponent of nako3edit
Moderate
CVE-2022-41777
was published
for
nadesiko3
(npm)
Dec 5, 2022
rdiffweb Missing Custom Error Page
Moderate
CVE-2022-3175
was published
for
rdiffweb
(pip)
Sep 14, 2022
Directus vulnerable to unhandled exception on illegal filename_disk value
Moderate
CVE-2022-36031
was published
for
directus
(npm)
Aug 30, 2022
Improper Handling of Exceptional Conditions inn metadata-extractor
Moderate
CVE-2022-24613
was published
for
com.drewnoakes:metadata-extractor
(Maven)
Feb 25, 2022
Uncaught Exception in zip4j
Moderate
CVE-2022-24615
was published
for
net.lingala.zip4j:zip4j
(Maven)
Feb 25, 2022
Exposure of Sensitive Information in keycloak
Moderate
CVE-2020-1744
was published
for
org.keycloak:keycloak-core
(Maven)
Sep 20, 2021
Uncontrolled Resource Consumption in transpile
Moderate
CVE-2021-23429
was published
for
transpile
(npm)
Sep 2, 2021
Improper Handling of Exceptional Conditions and Origin Validation Error in Eclipse Paho Java client library
Moderate
CVE-2019-11777
was published
for
org.eclipse.paho:org.eclipse.paho.client.mqttv3
(Maven)
Sep 17, 2019
ProTip!
Advisories are also available from the
GraphQL API