Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,303
Erlang
31
GitHub Actions
21
Go
2,071
Maven
5,000+
npm
3,744
NuGet
669
pip
3,430
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

105 advisories

Loading
panic on parsing crafted phonenumber inputs Critical
CVE-2024-39697 was published for phonenumber (Rust) Jul 9, 2024
rubdos
A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow... High Unreviewed
CVE-2024-5102 was published Jun 10, 2024
Improper Validation of Specified Quantity in Input vulnerability in The Events Calendar BookIt... Moderate Unreviewed
CVE-2024-24715 was published May 17, 2024
Improper Validation of Specified Quantity in Input vulnerability in Tips and Tricks HQ WP Express... High Unreviewed
CVE-2024-30527 was published May 17, 2024
An improper access control was identified in the Identity Security Cloud (ISC) message server API... Moderate Unreviewed
CVE-2024-3317 was published May 15, 2024
A key used in logging.json does not follow the least privilege principle by default and is... Moderate Unreviewed
CVE-2024-3185 was published Apr 23, 2024
A vulnerability was reported in a system recovery bootloader that was part of the Lenovo... Moderate Unreviewed
CVE-2024-23593 was published Apr 15, 2024
In SecurityCommand message after as security has been actived., there is a possible improper... Moderate Unreviewed
CVE-2023-52343 was published Apr 8, 2024
Faulty input validation in the core of Apache allows malicious or exploitable backend/content... High Unreviewed
CVE-2023-38709 was published Apr 4, 2024
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. High Unreviewed
CVE-2024-1714 was published Feb 21, 2024
Improper input validation in some Zoom clients may allow an authenticated user to conduct a... Moderate Unreviewed
CVE-2024-24690 was published Feb 14, 2024
A vulnerability exists in the input validation of the GOOSE messages where out of range values... Moderate Unreviewed
CVE-2023-4518 was published Dec 1, 2023
Improper Input Validation in Checkmk <2.2.0p15, <2.1.0p37, <=2.0.0p39 allows priviledged... Low Unreviewed
CVE-2023-23549 was published Nov 15, 2023
Django Denial-of-service in django.utils.text.Truncator High
CVE-2023-43665 was published for Django (pip) Nov 3, 2023
Django Denial of service vulnerability in django.utils.encoding.uri_to_iri Moderate
CVE-2023-41164 was published for django (pip) Nov 3, 2023
An Improper Validation of Specified Quantity in Input vulnerability in the Layer-2 control... Moderate Unreviewed
CVE-2023-36839 was published Oct 13, 2023
phonenumber panics on parsing crafted RFC3966 inputs High
CVE-2023-42444 was published for phonenumber (Rust) Sep 21, 2023
sno2 gferon
blurhash panics on parsing crafted inputs High
CVE-2023-42447 was published for blurhash (Rust) Sep 21, 2023
rubdos
A vulnerability was found in SourceCodester Card Holder Management System 1.0 and classified as... Moderate Unreviewed
CVE-2023-4439 was published Aug 21, 2023
Denial-of-service (DoS) vulnerability due to improper validation of specified type of input issue... High Unreviewed
CVE-2023-38744 was published Aug 3, 2023
jcvi vulnerable to Configuration Injection due to unsanitized user input High
CVE-2023-35932 was published for jcvi (pip) Jun 23, 2023
Sim4n6
The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers. High Unreviewed
CVE-2023-34188 was published Jun 23, 2023
A denial of service attack might be launched against the server if an unusually lengthy password ... High Unreviewed
CVE-2023-30082 was published Jun 14, 2023
Due to URL previews in the network panel of developer tools improperly storing URLs, query... High Unreviewed
CVE-2023-25731 was published Jun 2, 2023
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer... Moderate Unreviewed
CVE-2023-0194 was published Apr 1, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database