GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
19 advisories
Unexpected visibility of environment variable configurations in @backstage/plugin-app-backend
Moderate, CVE-2024-47762 was published for @backstage/plugin-app-backend (npm), Oct 3, 2024

A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows...
Moderate, Unreviewed, CVE-2024-8690 was published Sep 11, 2024

It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table...
Moderate, Unreviewed, CVE-2024-7246 was published Aug 6, 2024

LoLLMS vulnerable to Expected Behavior Violation
High, CVE-2024-6281 was published for lollms (pip), Jul 20, 2024

Failure to properly synchronize user's permissions in UAA in Cloud Foundry Foundation v40.17.0...
Low, Unreviewed, CVE-2024-38806 was published Jul 18, 2024

Apollo Router vulnerable to Critical Regression In Query Plan Cache
Critical, CVE-2024-32971 was published for apollo-router (Rust), May 2, 2024

Unauthenticated Nonce Increment in snow
Moderate, GHSA-7g9j-g5jg-3vv3 was published for snow (Rust), Jan 24, 2024

Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that...
Moderate, Unreviewed, CVE-2023-6129 was published Jan 9, 2024

Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that...
High, Unreviewed, CVE-2023-4807 was published Sep 8, 2023

sweetalert2 v11.6.14 and above contains potentially undesirable behavior
Low, GHSA-mrr8-v49w-3333 was published for sweetalert2 (npm), Jul 10, 2023

gRPC connection termination issue
Moderate, CVE-2023-32732 was published for grpc (RubyGems), Jul 6, 2023

A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be...
Moderate, Unreviewed, CVE-2023-2088 was published May 12, 2023

A flaw was found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could...
Moderate, Unreviewed, CVE-2022-3344 was published Oct 25, 2022

WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller...
Moderate, Unreviewed, CVE-2022-3281 was published Oct 17, 2022

An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for...
Moderate, Unreviewed, CVE-2019-5062 was published May 24, 2022

An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could...
Moderate, Unreviewed, CVE-2019-5061 was published May 24, 2022

Expected Behavior Violation in Apache Tomcat
Critical, CVE-2017-5651 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven), May 13, 2022

The monitor barrier of the affected products insufficiently blocks data from being forwarded over...
Critical, Unreviewed, CVE-2019-6569 was published Apr 30, 2022