GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
35 advisories
Filter by severity
The ctl_report_supported_opcodes function did not sufficiently validate a field provided by...
High
Unreviewed
CVE-2024-42416
was published
Sep 5, 2024
panic on parsing crafted phonenumber inputs
High
CVE-2024-39697
was published
for
phonenumber
(Rust)
Jul 9, 2024
A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow...
High
Unreviewed
CVE-2024-5102
was published
Jun 10, 2024
Improper Validation of Specified Quantity in Input vulnerability in Tips and Tricks HQ WP Express...
High
Unreviewed
CVE-2024-30527
was published
May 17, 2024
phonenumber panics on parsing crafted RFC3966 inputs
High
CVE-2023-42444
was published
for
phonenumber
(Rust)
Sep 21, 2023
blurhash panics on parsing crafted inputs
High
CVE-2023-42447
was published
for
blurhash
(Rust)
Sep 21, 2023
Denial-of-service (DoS) vulnerability due to improper validation of specified type of input issue...
High
Unreviewed
CVE-2023-38744
was published
Aug 3, 2023
jcvi vulnerable to Configuration Injection due to unsanitized user input
High
CVE-2023-35932
was published
for
jcvi
(pip)
Jun 23, 2023
A denial of service attack might be launched against the server if an unusually lengthy password ...
High
Unreviewed
CVE-2023-30082
was published
Jun 14, 2023
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the...
High
Unreviewed
CVE-2022-4904
was published
Mar 7, 2023
For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling...
High
Unreviewed
CVE-2021-28510
was published
Jan 26, 2023
The demon image annotation plugin for WordPress is vulnerable to improper input validation in...
High
Unreviewed
CVE-2022-4171
was published
Dec 13, 2022
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1),...
High
Unreviewed
CVE-2021-44693
was published
Dec 13, 2022
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series...
High
Unreviewed
CVE-2022-20689
was published
Dec 12, 2022
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series...
High
Unreviewed
CVE-2022-20690
was published
Dec 12, 2022
conduit-hyper vulnerable to Denial of Service from unchecked request length
High
CVE-2022-39294
was published
for
conduit-hyper
(Rust)
Oct 31, 2022
parse-server crashes when receiving file download request with invalid byte range
High
CVE-2022-39313
was published
for
parse-server
(npm)
Oct 18, 2022
linked_list_allocator vulnerable to out-of-bound writes on `Heap` initialization and `Heap::extend`
High
CVE-2022-36086
was published
for
linked_list_allocator
(Rust)
Sep 16, 2022
Improper Input Validation vulnerability exists in the Hitachi Energy MicroSCADA X SYS600's ICCP...
High
Unreviewed
CVE-2022-2277
was published
Sep 15, 2022
libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds...
High
Unreviewed
CVE-2022-2868
was published
Aug 18, 2022
NHI’s health insurance web service component has insufficient validation for input string length,...
High
Unreviewed
CVE-2021-45918
was published
Jun 21, 2022
The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol...
High
Unreviewed
CVE-2010-3904
was published
May 13, 2022
A vulnerability in the HCI Modbus TCP COMPONENT of Hitachi Energy RTU500 series CMU Firmware that...
High
Unreviewed
CVE-2022-28613
was published
May 3, 2022
src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3...
High
Unreviewed
CVE-2008-2374
was published
May 1, 2022
Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2, does not properly validate the...
High
Unreviewed
CVE-2008-1440
was published
May 1, 2022
ProTip!
Advisories are also available from the
GraphQL API