Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

73 advisories

Loading
incorrect order of evaluation of side effects for some builtins Moderate
CVE-2023-41052 was published for vyper (pip) Sep 4, 2023
trocher
Vyper: reversed order of side effects for some operations Moderate
CVE-2023-40015 was published for vyper (pip) Sep 4, 2023
trocher
Vyper's nonpayable default functions are sometimes payable Moderate
CVE-2023-32675 was published for vyper (pip) May 22, 2023
trocher
Incorrect success value returned in vyper High
CVE-2023-30629 was published for vyper (pip) Apr 24, 2023
algys pavelvm5
Multiple evaluation of contract address in call in vyper High
CVE-2022-29255 was published for vyper (pip) Jun 6, 2022
HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control flow vulnerability. The... Moderate Unreviewed
CVE-2024-30133 was published Nov 12, 2024
Tor Arti's STUB circuits incorrectly have a length of 2 High
CVE-2024-35312 was published for arti (Rust) May 18, 2024
In the Linux kernel, the following vulnerability has been resolved: mm: call the... High Unreviewed
CVE-2024-47745 was published Oct 21, 2024
btcd did not correctly re-implement Bitcoin Core's "FindAndDelete()" functionality High
CVE-2024-38365 was published for github.com/btcsuite/btcd (Go) Oct 10, 2024
darosior dergoegge
In Gradio, the `enable_monitoring` flag set to `False` does not disable monitoring Low
CVE-2024-47168 was published for gradio (pip) Oct 10, 2024
ahpaleus Vasco-jofra
wasmtime has a runtime crash when combining tail calls with trapping imports Moderate
CVE-2024-47763 was published for wasmtime (Rust) Oct 9, 2024
alexcrichton fitzgen
A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access ... High Unreviewed
CVE-2024-20480 was published Sep 25, 2024
Nokia Service Router Operating System (SR OS) 22.10 and SR Linux, when error-handling update... High Unreviewed
CVE-2023-41376 was published Aug 29, 2023
Denial of service in quinn-proto when using `Endpoint::retry()` High
CVE-2024-45311 was published for quinn-proto (Rust) Sep 3, 2024
finnbear BiagioFesta
Ansible unsafe evaluation of some strings High
CVE-2014-2686 was published for ansible (pip) May 17, 2022
Insufficient authentication flow in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0.0p39 allows... High Unreviewed
CVE-2023-31211 was published Jan 12, 2024
there is a possible way to bypass due to a logic error in the code. This could lead to local... High Unreviewed
CVE-2024-32896 was published Jun 13, 2024
An issue in phiola/src/afilter/conv.c:115 of phiola v2.0-rc22 allows a remote attacker to cause a... Moderate Unreviewed
CVE-2024-33431 was published May 1, 2024
Contract balance not updating correctly after interchain transaction High
CVE-2024-37153 was published for github.com/evmos/evmos/v10 (Go) Jun 6, 2024
Vvaradinov EvmosDAO
Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the... Unknown Unreviewed
CVE-2024-5659 was published Jun 14, 2024
Keycloak's improper input validation allows using email as username Low
GHSA-4vc8-pg5c-vg4x was published for org.keycloak:keycloak-services (Maven) Jun 12, 2024
Requests `Session` object does not verify requests after making first request with verify=False Moderate
CVE-2024-35195 was published for requests (pip) May 20, 2024
mikeassel sigmavirus24
nateprewitt
eZ Platform Rules to disable executable access are ignored on Platform.sh (eZ Cloud) Moderate
GHSA-6xch-2vxx-5pvr was published for ezsystems/ezplatform (Composer) May 15, 2024
Insufficient control flow management in the Hyperscan Library maintained by Intel(R) before... Moderate Unreviewed
CVE-2023-28711 was published Aug 11, 2023
An issue was discovered in ONOS 2.5.1. An intent with the same source and destination shows the... Moderate Unreviewed
CVE-2022-29609 was published Apr 20, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database