GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,249
Erlang
31
GitHub Actions
21
Go
2,018
Maven
5,000+
npm
3,723
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
17 advisories
Filter by severity
An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to...
Moderate
Unreviewed
CVE-2018-19058
was published
May 13, 2022
In libwebm through 2018-10-03, there is an abort caused by libwebm::Webm2Pes::InitWebmParser()...
Moderate
Unreviewed
CVE-2018-19212
was published
May 13, 2022
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and...
Moderate
Unreviewed
CVE-2020-3885
was published
May 24, 2022
Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non...
Moderate
Unreviewed
CVE-2020-5753
was published
May 24, 2022
An issue was discovered in Xen 4.14.x. There is a missing unlock in the XENMEM_acquire_resource...
Moderate
Unreviewed
CVE-2020-25598
was published
May 24, 2022
Insufficient control flow management in BIOS firmware 8th, 9th Generation Intel(R) Core(TM)...
Moderate
Unreviewed
CVE-2020-8671
was published
May 24, 2022
MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries in some situations. If one...
Moderate
Unreviewed
CVE-2020-35477
was published
May 24, 2022
An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security...
Moderate
Unreviewed
CVE-2021-3011
was published
May 24, 2022
Multiple Cisco products are affected by a vulnerability in the Snort application detection engine...
Moderate
Unreviewed
CVE-2021-1236
was published
May 24, 2022
An always-incorrect control flow implementation in the implicit filter terms of Juniper Networks...
Moderate
Unreviewed
CVE-2021-0273
was published
May 24, 2022
** DISPUTED ** Styra Open Policy Agent (OPA) Gatekeeper through 3.7.0 mishandles concurrency,...
Moderate
Unreviewed
CVE-2021-43979
was published
May 24, 2022
Insufficient control flow management for the Intel(R) SGX SDK software for Linux before version 2...
Moderate
Unreviewed
CVE-2022-26841
was published
Feb 16, 2023
An issue was discovered in ONOS 2.5.1. An intent with the same source and destination shows the...
Moderate
Unreviewed
CVE-2022-29609
was published
Apr 20, 2023
Insufficient control flow management in the Hyperscan Library maintained by Intel(R) before...
Moderate
Unreviewed
CVE-2023-28711
was published
Aug 11, 2023
A malicious insider exploiting this vulnerability can circumvent existing security controls put...
Moderate
Unreviewed
CVE-2024-0313
was published
Mar 14, 2024
An issue in phiola/src/afilter/conv.c:115 of phiola v2.0-rc22 allows a remote attacker to cause a...
Moderate
Unreviewed
CVE-2024-33431
was published
May 1, 2024
HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control flow vulnerability. The...
Moderate
Unreviewed
CVE-2024-30133
was published
Nov 12, 2024
ProTip!
Advisories are also available from the
GraphQL API