GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
101,332 advisories
Filter by severity
Access of memory location after end of buffer issue exists in TELLUS v4.0.15.0 and TELLUS Lite v4...
High
Unreviewed
CVE-2023-32270
was published
Jun 19, 2023
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Fix a...
High
Unreviewed
CVE-2024-27045
was published
May 1, 2024
In the Linux kernel, the following vulnerability has been resolved:
drm/vkms: Avoid reading...
High
Unreviewed
CVE-2023-52649
was published
May 1, 2024
In the Linux kernel, the following vulnerability has been resolved:
wifi: mt76: mt7925e: fix use...
High
Unreviewed
CVE-2024-27049
was published
May 1, 2024
In the Linux kernel, the following vulnerability has been resolved:
usb: gadget: f_ncm: Fix UAF...
High
Unreviewed
CVE-2024-26996
was published
May 1, 2024
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: Fix potential...
High
Unreviewed
CVE-2024-27042
was published
May 1, 2024
In the Linux kernel, the following vulnerability has been resolved:
blk-cgroup: fix UAF by...
High
Unreviewed
CVE-2021-47379
was published
May 21, 2024
In the Linux kernel, the following vulnerability has been resolved:
media: edia: dvbdev: fix a...
High
Unreviewed
CVE-2024-27043
was published
May 1, 2024
In the Linux kernel, the following vulnerability has been resolved:
arm64: hibernate: Fix level3...
High
Unreviewed
CVE-2024-26989
was published
May 1, 2024
ColdFusion versions 2023.11, 2021.17 and earlier are affected by an Improper Limitation of a...
High
Unreviewed
CVE-2024-53961
was published
Dec 23, 2024
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: fix mmhub client...
High
Unreviewed
CVE-2024-27029
was published
May 1, 2024
In the Linux kernel, the following vulnerability has been resolved:
usb: typec: tcpm: Correct...
High
Unreviewed
CVE-2024-26995
was published
May 1, 2024
In the Linux kernel, the following vulnerability has been resolved:
net/rds: fix WARNING in...
High
Unreviewed
CVE-2024-27024
was published
May 1, 2024
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: fix OOB in...
High
Unreviewed
CVE-2024-26981
was published
May 1, 2024
Apache Hive and Spark: CookieSigner exposes the correct signature when message verification fails
High
CVE-2024-23945
was published
for
org.apache.hive:hive-service
(Maven)
Dec 23, 2024
Remote Command Execution in file editing in gogs
High
CVE-2024-54148
was published
for
gogs.io/gogs
(Go)
Dec 23, 2024
Path Traversal in file update API in gogs
High
CVE-2024-55947
was published
for
gogs.io/gogs
(Go)
Dec 23, 2024
Gogs allows argument Injection when tagging new releases
High
CVE-2024-39933
was published
for
gogs.io/gogs
(Go)
Dec 23, 2024
Duplicate Advisory: Gogs allows argument injection during the tagging of a new release
High
GHSA-8mm6-wmpp-mmm3
was published
for
github.com/gogs/gogs
(Go)
Jul 4, 2024
•
withdrawn
Navidrome Stores JWT Secret in Plaintext in navidrome.db
High
CVE-2024-56362
was published
for
github.com/navidrome/navidrome
(Go)
Dec 23, 2024
Keycloak mTLS Authentication Bypass via Reverse Proxy TLS Termination
High
CVE-2024-10039
was published
for
org.keycloak:keycloak-core
(Maven)
Nov 25, 2024
In the Linux kernel, the following vulnerability has been resolved:
media: ngene: Fix out-of...
High
Unreviewed
CVE-2021-47288
was published
May 21, 2024
In the Linux kernel, the following vulnerability has been resolved:
ipv6: fix another slab-out...
High
Unreviewed
CVE-2021-47291
was published
May 21, 2024
ASA-2024-0012, ASA-2024-0013: CosmosSDK: Transaction decoding may result in a stack overflow or resource exhaustion
High
GHSA-8wcc-m6j2-qxvm
was published
for
cosmossdk.io/x/tx
(Go)
Dec 16, 2024
Keycloak's admin API allows low privilege users to use administrative functions
High
CVE-2024-3656
was published
for
org.keycloak:keycloak-services
(Maven)
Jun 11, 2024
ProTip!
Advisories are also available from the
GraphQL API