Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

37 advisories

Loading
Server-Side Request Forgery and Uncontrolled Resource Consumption in LemMinX Critical
CVE-2022-0671 was published for org.eclipse.lemminx:lemminx-parent (Maven) Feb 19, 2022
There is an Uncontrolled resource consumption vulnerability in the display module in smartphones.... Critical Unreviewed
CVE-2021-40011 was published Jan 11, 2022
The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 allows attackers to cause a... Critical Unreviewed
CVE-2017-9119 was published May 14, 2022
Rockwell Automation PowerFlex 525 AC Drives 5.001 and earlier allow remote attackers to cause a... Critical Unreviewed
CVE-2018-19282 was published May 14, 2022
The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a... Critical Unreviewed
CVE-2017-1000378 was published May 13, 2022
In IoTivity through 1.3.1, the CoAP server interface can be used for Distributed Denial of... Critical Unreviewed
CVE-2019-9750 was published May 13, 2022
StarWind iSCSI SAN before 6.0 build 2013-03-20 allows a memory leak. Critical Unreviewed
CVE-2013-20004 was published Feb 12, 2022
Certain General Electric Renewable Energy products allow attackers to use a code to trigger a... Critical Unreviewed
CVE-2022-24118 was published Dec 26, 2022
Security Advisory for "Log4Shell" Critical
GHSA-v57x-gxfj-484q was published for com.hazelcast.jet:hazelcast-jet (Maven) Jan 21, 2022
frant-hartm
Remote code injection, Improper Input Validation and Uncontrolled Recursion in Log4j library Critical
GHSA-3qpm-h9ch-px3c was published for org.powernukkit:powernukkit (Maven) Jan 6, 2022
LoboMetalurgico PleaseInsertNameHere
Denial of Service in https-proxy-agent Critical
CVE-2018-3739 was published for https-proxy-agent (npm) Jul 27, 2018
kurt-r2c
Prototype Pollution in deeply Critical
CVE-2019-10750 was published for deeply (npm) Aug 27, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database