GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
30
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,299
Pub
11
RubyGems
878
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
60 advisories
Filter by severity
rdiffweb 2.4.1 Missing Custom Error Page
Moderate
CVE-2022-3175
was published
for
rdiffweb
(pip)
Sep 14, 2022
Directus vulnerable to unhandled exception on illegal filename_disk value
Moderate
CVE-2022-36031
was published
for
directus
(npm)
Aug 30, 2022
Yauaa vulnerable to ArrayIndexOutOfBoundsException triggered by a crafted Sec-Ch-Ua-Full-Version-List
High
CVE-2022-23496
was published
for
nl.basjes.parse.useragent:yauaa
(Maven)
Dec 8, 2022
Improper Handling of Exceptional Conditions and Improper Input Validation in Reactor Netty
High
CVE-2020-5403
was published
for
io.projectreactor.netty:reactor-netty-http
(Maven)
Feb 10, 2022
Parse Server crashes with query parameter
High
CVE-2021-39187
was published
for
parse-server
(npm)
Sep 2, 2021
nadesiko3 allows remote attacker to inject invalid value to decodeURIComponent of nako3edit
Moderate
CVE-2022-41777
was published
for
nadesiko3
(npm)
Dec 5, 2022
Improper Handling of Exceptional Conditions and Origin Validation Error in Eclipse Paho Java client library
Moderate
CVE-2019-11777
was published
for
org.eclipse.paho:org.eclipse.paho.client.mqttv3
(Maven)
Sep 17, 2019
Improper Check for Unusual or Exceptional Conditions in Connect2id Nimbus JOSE+JWT
Critical
CVE-2019-17195
was published
for
com.nimbusds:nimbus-jose-jwt
(Maven)
Oct 16, 2019
Denial of Service (DoS) in restify-paginate
High
CVE-2020-27543
was published
for
restify-paginate
(npm)
Apr 12, 2021
Segfault in `tf.raw_ops.SparseCountSparseOutput`
Low
CVE-2021-29619
was published
for
tensorflow
(pip)
May 21, 2021
Crash in `tf.strings.substr` due to `CHECK`-fail
Low
CVE-2021-29617
was published
for
tensorflow
(pip)
May 21, 2021
Crash in `tf.transpose` with complex inputs
Low
CVE-2021-29618
was published
for
tensorflow
(pip)
May 21, 2021
Improper Handling of Exceptional Conditions in detect-character-encoding
High
CVE-2021-39157
was published
for
detect-character-encoding
(npm)
Aug 25, 2021
Uncontrolled Resource Consumption in transpile
Moderate
CVE-2021-23429
was published
for
transpile
(npm)
Sep 2, 2021
Exposure of Sensitive Information in keycloak
Moderate
CVE-2020-1744
was published
for
org.keycloak:keycloak-core
(Maven)
Sep 20, 2021
Improper Handling of Exceptional Conditions in Apache Tomcat
High
CVE-2021-30639
was published
for
org.apache.tomcat:tomcat
(Maven)
Aug 13, 2021
Uncaught Exception in zip4j
Moderate
CVE-2022-24615
was published
for
net.lingala.zip4j:zip4j
(Maven)
Feb 25, 2022
Improper Handling of Exceptional Conditions inn metadata-extractor
Moderate
CVE-2022-24613
was published
for
com.drewnoakes:metadata-extractor
(Maven)
Feb 25, 2022
go-merkledag's ProtoNode may be modified such that common method calls may panic
High
CVE-2022-23495
was published
for
github.com/ipfs/go-merkledag
(Go)
Dec 8, 2022
Ory fosite contains Improper Handling of Exceptional Conditions
High
CVE-2020-15223
was published
for
github.com/ory/fosite
(Go)
May 24, 2021
xwiki vulnerable to Improper Handling of Exceptional Conditions
Moderate
CVE-2023-26479
was published
for
org.xwiki.platform:xwiki-platform-rendering-parser
(Maven)
Mar 3, 2023
Comrak AST node data is not validated (GHSL-2023-049)
Moderate
CVE-2023-28631
was published
for
comrak
(Rust)
Mar 28, 2023
ProTip!
Advisories are also available from the
GraphQL API