GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

9,009 advisories

Microsoft Security Advisory CVE-2024-30045 | .NET Remote code Execution Vulnerability Moderate
CVE-2024-30045 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) May 14, 2024
Undertow Path Traversal vulnerability Moderate
CVE-2024-1459 was published for io.undertow:undertow-core (Maven) Feb 12, 2024
PingCAP TiDB nil pointer dereference Moderate
CVE-2024-37820 was published for github.com/pingcap/tidb (Go) Jun 25, 2024
Zope Cross-site scripting (XSS) vulnerability in ZMI pages Moderate
CVE-2009-5145 was published for Zope2 (pip) May 2, 2022
Zope allows remote attackers to read arbitrary files Moderate
CVE-2006-4684 was published for zope2 (pip) May 1, 2022
Tahoe-LAFS fails to ensure integrity Moderate
CVE-2012-0051 was published for tahoe-lafs (pip) Apr 23, 2022
SFTPGo allows administrators to restrict command execution from the EventManager Moderate
CVE-2024-52309 was published for github.com/drakkan/sftpgo/v2 (Go) Nov 21, 2024
Capstone SEGV caused by a read memory access Moderate
CVE-2016-7151 was published for capstone (pip) May 24, 2022
Designate does not enforce the DNS protocol limit concerning record set sizes Moderate
CVE-2015-5694 was published for designate (pip) May 24, 2022
Designate mDNS DoS through incorrect handling of large RecordSets Moderate
CVE-2015-5695 was published for designate (pip) May 17, 2022
diplib Double Free Moderate
CVE-2021-39432 was published for diplib (pip) Nov 4, 2022
LIEF heap buffer overflow in the LIEF::MachO::BinaryParser::parse_dyldinfo_generic_bind Moderate
CVE-2022-43171 was published for lief (pip) Nov 18, 2022
OpenStack Identity (Keystone) UUID v2 tokens does not expire with revocation events Moderate
CVE-2014-5252 was published for keystone (pip) May 17, 2022
OpenStack Identity (Keystone) Multiple vulnerabilities in revocation events Moderate
CVE-2014-5251 was published for keystone (pip) May 17, 2022
OpenStack Keystone Domain-scoped tokens don't get revoked Moderate
CVE-2014-5253 was published for keystone (pip) May 17, 2022
OpenStack Identity (Keystone) Trustee token revocations does not work with memcache backend Moderate
CVE-2014-2237 was published for keystone (pip) May 17, 2022
OpenStack Image Service (Glance) allows remote authenticated users to read arbitrary file Moderate
CVE-2015-5163 was published for glance (pip) May 17, 2022
OpenStack Identity Keystone Improper Access Control Moderate
CVE-2016-4911 was published for keystone (pip) May 17, 2022
OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability Moderate
CVE-2015-3219 was published for horizon (pip) May 17, 2022
OpenStack Glance Denial of service by creating a large number of images Moderate
CVE-2014-9684 was published for glance (pip) May 17, 2022
OpenStack Glance Denial of service by creating a large number of images Moderate
CVE-2015-1881 was published for glance (pip) May 17, 2022
OpenStack Glance Signature Verification Bypass Moderate
CVE-2015-8234 was published for glance (pip) May 17, 2022
OpenStack Horizon Cross-site scripting (XSS) vulnerability Moderate
CVE-2012-2094 was published for horizon (pip) May 17, 2022
OpenStack Horizon Session Fixation Moderate
CVE-2012-2144 was published for horizon (pip) May 17, 2022
OpenStack Glance arbitrary deletion of non-protected images Moderate
CVE-2012-4573 was published for glance (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API