Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,039
Erlang
29
GitHub Actions
18
Go
1,864
Maven
5,000+
npm
3,587
NuGet
636
pip
3,176
Pub
10
RubyGems
852
Rust
805
Swift
34
Unreviewed advisories
All unreviewed
5,000+

76 advisories

A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows... Moderate Unreviewed
CVE-2024-6768 was published Aug 12, 2024
Django vulnerable to denial-of-service attack Moderate
CVE-2024-41991 was published for Django (pip) Aug 7, 2024
A vulnerability was discovered in Samsung Mobile Processors Exynos 2200 and Exynos 2400 where... Moderate Unreviewed
CVE-2024-31957 was published Jul 9, 2024
A vulnerability was discovered in Samsung Mobile Processors Exynos 850, Exynos 1080, Exynos 2100,... Moderate Unreviewed
CVE-2024-27360 was published Jul 9, 2024
A vulnerability was discovered in Samsung Mobile Processors Exynos 1280, Exynos 2200, Exynos 1330... Moderate Unreviewed
CVE-2024-27362 was published Jul 9, 2024
panic on parsing crafted phonenumber inputs High
CVE-2024-39697 was published for phonenumber (Rust) Jul 9, 2024
rubdos
A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow... High Unreviewed
CVE-2024-5102 was published Jun 10, 2024
Improper Validation of Specified Quantity in Input vulnerability in Tips and Tricks HQ WP Express... High Unreviewed
CVE-2024-30527 was published May 17, 2024
Improper Validation of Specified Quantity in Input vulnerability in The Events Calendar BookIt... Moderate Unreviewed
CVE-2024-24715 was published May 17, 2024
An improper access control was identified in the Identity Security Cloud (ISC) message server API... Moderate Unreviewed
CVE-2024-3317 was published May 15, 2024
A key used in logging.json does not follow the least privilege principle by default and is... Moderate Unreviewed
CVE-2024-3185 was published Apr 23, 2024
A vulnerability was reported in a system recovery bootloader that was part of the Lenovo... Moderate Unreviewed
CVE-2024-23593 was published Apr 15, 2024
A vulnerability exists in the input validation of the GOOSE messages where out of range values... Moderate Unreviewed
CVE-2023-4518 was published Dec 1, 2023
Django Denial-of-service in django.utils.text.Truncator Moderate
CVE-2023-43665 was published for django (pip) Nov 3, 2023
Django Denial of service vulnerability in django.utils.encoding.uri_to_iri Moderate
CVE-2023-41164 was published for django (pip) Nov 3, 2023
An Improper Validation of Specified Quantity in Input vulnerability in the Layer-2 control... Moderate Unreviewed
CVE-2023-36839 was published Oct 13, 2023
phonenumber panics on parsing crafted RFC3966 inputs High
CVE-2023-42444 was published for phonenumber (Rust) Sep 21, 2023
sno2 gferon
blurhash panics on parsing crafted inputs High
CVE-2023-42447 was published for blurhash (Rust) Sep 21, 2023
rubdos
A vulnerability was found in SourceCodester Card Holder Management System 1.0 and classified as... Moderate Unreviewed
CVE-2023-4439 was published Aug 21, 2023
jcvi vulnerable to Configuration Injection due to unsanitized user input High
CVE-2023-35932 was published for jcvi (pip) Jun 23, 2023
Sim4n6
A denial of service attack might be launched against the server if an unusually lengthy password ... High Unreviewed
CVE-2023-30082 was published Jun 14, 2023
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer driver... Low Unreviewed
CVE-2023-0195 was published Apr 1, 2023
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer... Moderate Unreviewed
CVE-2023-0194 was published Apr 1, 2023
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the... High Unreviewed
CVE-2022-4904 was published Mar 7, 2023
IPFS go-bitfield vulnerable to DoS via malformed size arguments Moderate
CVE-2023-23626 was published for github.com/ipfs/go-bitfield (Go) Feb 10, 2023
Jorropo
ProTip! Advisories are also available from the GraphQL API