Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
HCL Nomad server on Domino is affected by an open proxy vulnerability in which an unauthenticated... High Unreviewed
CVE-2024-30128 was published Sep 25, 2024
In updateNotificationChannelFromPrivilegedListener of NotificationManagerService.java, there is a... High Unreviewed
CVE-2024-31319 was published Jul 9, 2024
Pterodactyl Wings vulnerable to Server-Side Request Forgery during remote file pull Moderate
CVE-2024-34068 was published for github.com/pterodactyl/wings (Go) May 3, 2024
TrixterTheTux matthewpi
The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users... Moderate Unreviewed
CVE-2024-0387 was published Feb 26, 2024
KanColleViewer versions 3.8.1 and earlier operates as an open proxy which allows remote attackers... Critical Unreviewed
CVE-2015-2947 was published May 17, 2022
Jenkins Publisher Over CIFS Plugin confused deputy vulnerability Moderate
CVE-2018-1999038 was published for org.jenkins-ci.plugins:publish-over-cifs (Maven) May 14, 2022
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0... Moderate Unreviewed
CVE-2018-16598 was published May 14, 2022
Insufficient memory write check in SMM service for EDK II may allow an authenticated user to... Moderate Unreviewed
CVE-2018-12182 was published May 14, 2022
MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an... High Unreviewed
CVE-2019-3924 was published May 13, 2022
An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary... Critical Unreviewed
CVE-2021-20042 was published Dec 9, 2021
Confused Deputy in Kubernetes Low
CVE-2021-25740 was published for k8s.io/kubernetes (Go) Sep 21, 2021
Confused Deputy in Kubernetes Moderate
CVE-2020-8561 was published for k8s.io/kubernetes (Go) Sep 21, 2021
Unchecked hostname resolution could allow access to local network resources by users outside the local network Moderate
GHSA-6rg3-8h8x-5xfv was published for github.com/pterodactyl/wings (Go) Jun 23, 2021
Externally Controlled Reference to a Resource in Another Sphere and Confused Deputy in Spring Cloud Netflix Moderate
CVE-2020-5412 was published for org.springframework.cloud:spring-cloud-netflix (Maven) Apr 30, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database