GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
40 advisories
Filter by severity
Denial of Service vulnerability in @podium/layout and @podium/proxy
High
CVE-2022-24822
was published
for
@podium/layout
(npm)
Apr 7, 2022
Uncaught Exception in jsoup
High
CVE-2021-37714
was published
for
org.jsoup:jsoup
(Maven)
Aug 23, 2021
A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP...
High
Unreviewed
CVE-2019-6575
was published
May 13, 2022
A vulnerability has been identified in SIMATIC ET 200SP Open Controller (incl. SIPLUS variants) ...
High
Unreviewed
CVE-2020-15796
was published
May 24, 2022
Denial-of-Service when binding invalid parameters in sqlite3
High
CVE-2022-21227
was published
for
sqlite3
(npm)
Apr 28, 2022
Crash when decoding malformed HTTP requests or malformed JSON payload
High
CVE-2018-1330
was published
for
org.apache.mesos:mesos
(Maven)
May 14, 2022
Uncaught Exception leading to Denial of Service in json-sanitizer
High
CVE-2021-23900
was published
for
com.mikesamuel:json-sanitizer
(Maven)
May 13, 2021
DOS and Open Redirect with user input
High
CVE-2021-22964
was published
for
fastify-static
(npm)
Oct 12, 2021
Uncaught Exception in thorsten/phpmyfaq
High
CVE-2023-0790
was published
for
thorsten/phpmyfaq
(Composer)
Feb 12, 2023
fastify/websocket vulnerable to uncaught exception via crash on malformed packet
High
CVE-2022-39386
was published
for
@fastify/websocket
(npm)
Nov 7, 2022
A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are...
High
Unreviewed
CVE-2022-20919
was published
Oct 1, 2022
DoS vulnerability for apps with sockets enabled
High
CVE-2023-38504
was published
for
sails
(npm)
Jul 27, 2023
quic-go vulnerable to pointer dereference that can lead to panic
High
CVE-2023-46239
was published
for
github.com/quic-go/quic-go
(Go)
Oct 30, 2023
phonenumber panics on parsing crafted RFC3966 inputs
High
CVE-2023-42444
was published
for
phonenumber
(Rust)
Sep 21, 2023
Uncaught exception for some Intel Unison software may allow an authenticated user to potentially...
High
Unreviewed
CVE-2023-22292
was published
Nov 14, 2023
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ...
High
Unreviewed
CVE-2023-22941
was published
Jul 6, 2023
A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and...
High
Unreviewed
CVE-2023-20086
was published
Nov 1, 2023
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets...
High
Unreviewed
CVE-2023-3966
was published
Feb 22, 2024
A vulnerability in Cisco IOS Software for Cisco Catalyst 6000 Series Switches could allow an...
High
Unreviewed
CVE-2024-20276
was published
Mar 27, 2024
Vulnerability of failures to capture exceptions in the communication framework. Successful...
High
Unreviewed
CVE-2023-1691
was published
Jul 6, 2023
Denial of Service Vulnerability in gRPC TCP Server (Posix-compatible platforms)
High
CVE-2023-4785
was published
for
grpc
(RubyGems)
Sep 13, 2023
ProTip!
Advisories are also available from the
GraphQL API