GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
21 advisories
Filter by severity
rPGP Panics on Malformed Untrusted Input
High
CVE-2024-53856
was published
for
pgp
(Rust)
Dec 5, 2024
rdiffweb's unlimited username field length can lead to DoS
High
CVE-2022-3290
was published
for
rdiffweb
(pip)
Sep 27, 2022
Django vulnerable to Denial of Service
High
CVE-2024-39614
was published
for
Django
(pip)
Jul 10, 2024
Django vulnerable to Denial of Service
High
CVE-2024-38875
was published
for
Django
(pip)
Jul 10, 2024
Secure Boot Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2024-37989
was published
Jul 9, 2024
Secure Boot Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2024-37988
was published
Jul 9, 2024
Secure Boot Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2024-38010
was published
Jul 9, 2024
Secure Boot Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2024-38011
was published
Jul 9, 2024
Server receiving a malformed message that causes a disconnect to a hostname may causing a stack...
High
Unreviewed
CVE-2023-5393
was published
Apr 11, 2024
A heap-based buffer overflow vulnerability exists in the TriangleMesh clone functionality of...
High
Unreviewed
CVE-2022-36788
was published
Apr 20, 2023
An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol...
High
Unreviewed
CVE-2023-28964
was published
Apr 18, 2023
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series...
High
Unreviewed
CVE-2022-20690
was published
Dec 12, 2022
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series...
High
Unreviewed
CVE-2022-20689
was published
Dec 12, 2022
Improper Handling of Length Parameter Inconsistency vulnerability in MELSEC iQ-R Series R00/01...
High
Unreviewed
CVE-2021-20610
was published
Dec 2, 2021
Improper handling of NTS cookie length that could crash the ntpd-rs server
High
CVE-2023-33192
was published
for
ntpd
(Rust)
May 25, 2023
swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length
High
CVE-2022-24666
was published
for
github.com/apple/swift-nio-http2
(Swift)
May 18, 2023
Duplicate advisory: swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length
High
GHSA-pv7r-9vjg-g3f9
was published
for
github.com/apple/swift-nio-http2
(Swift)
Feb 11, 2022
•
withdrawn
RosarioSIS before 10.1 vulnerable to Improper Handling of Length Parameter Inconsistency
High
CVE-2022-2714
was published
for
francoisjacquet/rosariosis
(Composer)
Sep 7, 2022
Improper Handling of Length Parameter Inconsistency in Compress
High
CVE-2021-35516
was published
for
org.apache.commons:commons-compress
(Maven)
Aug 2, 2021
Improper Handling of Length Parameter Inconsistency in Compress
High
CVE-2021-36090
was published
for
org.apache.commons:commons-compress
(Maven)
Aug 2, 2021
Improper Handling of Length Parameter Inconsistency in Compress
High
CVE-2021-35517
was published
for
org.apache.commons:commons-compress
(Maven)
Aug 2, 2021
ProTip!
Advisories are also available from the
GraphQL API