GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
10,640 advisories
Suricata before 1.4.6 allows remote attackers to cause a denial of service (crash) via a...
Moderate | Unreviewed | CVE-2013-5919 was published May 14, 2022

SaltStack Salt Denial of Service via a crafted authentication request
High | CVE-2017-14696 was published for salt (pip) May 17, 2022

SaltStack Salt Improper Validation of eauth credentials and tokens in salt-netapi
Critical | CVE-2020-25592 was published for salt (pip) May 24, 2022

Python RSA allows attackers to spoof signatures
Moderate | CVE-2016-1494 was published for rsa (pip) May 14, 2022

Improper Input Validation in pyftpdlib
High | CVE-2007-6739 was published for pyftpdlib (pip) May 1, 2022

Policies not properly enforced in bluemonday
High | CVE-2021-42576 was published for github.com/microcosm-cc/bluemonday (Go) Oct 19, 2021

A vulnerability can occur when capturing a media stream when the media source type is changed as...
Critical | Unreviewed | CVE-2018-5156 was published May 14, 2022

The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and...
High | Unreviewed | CVE-2016-5272 was published May 14, 2022

Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on...
High | Unreviewed | CVE-2016-5284 was published May 14, 2022

Improper input validation for some Intel NUC BIOS firmware before version JY0070 may allow a...
High | Unreviewed | CVE-2023-28738 was published Jan 19, 2024

Given a compromised sandboxed content process due to a separate vulnerability, it is possible to...
Moderate | Unreviewed | CVE-2019-9812 was published May 24, 2022

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could...
Moderate | Unreviewed | CVE-2023-47746 was published Jan 22, 2024

privacyIDEA Improper Input Validation vulnerability
High | CVE-2018-1000809 was published for privacyIDEA (pip) Jan 14, 2019

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server...
High | Unreviewed | CVE-2010-1896 was published May 14, 2022

Arbitrary file deletion in litellm
Moderate | CVE-2024-4888 was published for litellm (pip) Jun 6, 2024

DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2,...
High | Unreviewed | CVE-2011-0657 was published May 13, 2022

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003...
High | Unreviewed | CVE-2012-0157 was published May 4, 2022

mintplex-labs/anything-llm is vulnerable to multiple security issues due to improper input...
High | Unreviewed | CVE-2024-3152 was published Jun 6, 2024

Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability...
High | Unreviewed | CVE-2022-36392 was published Aug 11, 2023

An Improper Input Validation vulnerability in Zscaler Client Connector on Linux allows Privilege...
Critical | Unreviewed | CVE-2023-28805 was published Oct 23, 2023

Authenticated Remote Code Execution in Altalink, Versalink & WorkCentre Products.
High | Unreviewed | CVE-2024-6333 was published Oct 17, 2024

A URL parameter during login flow was vulnerable to injection. An attacker could insert a...
Moderate | Unreviewed | CVE-2023-28799 was published Jun 22, 2023

Radicale vulnerable to arbitrary file read or write
Critical | CVE-2015-8747 was published for Radicale (pip) May 17, 2022

PyWBEM TOCTOU vulnerability in certificate validation
Moderate | CVE-2013-6444 was published for pywbem (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API