Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,793
Erlang
29
GitHub Actions
16
Go
1,710
Maven
4,947
npm
3,475
NuGet
605
pip
3,001
Pub
10
RubyGems
828
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

283 advisories

Tor Arti's STUB circuits incorrectly have a length of 2 High
CVE-2024-35312 was published for arti (Rust) May 18, 2024
Tor path lengths too short when "full Vanguards" configured Moderate
CVE-2024-35313 was published for arti (Rust) May 18, 2024
Improper conditions check in Intel(R) Power Gadget software for macOS all versions may allow an... Low Unreviewed
CVE-2023-38420 was published May 16, 2024
Previous ATX is not checked to be the newest valid ATX by Smesher when validating incoming ATX High
CVE-2024-34360 was published for github.com/spacemeshos/api (Go) May 10, 2024
Malformed S2 Nonce Get command classes can be sent to crash the gateway. A hard reset is... High Unreviewed
CVE-2024-3052 was published Apr 27, 2024
Mattermost crashes web clients via a malformed custom status Moderate
CVE-2024-4182 was published for github.com/mattermost/mattermost-server (Go) Apr 26, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the the Public Key... High Unreviewed
CVE-2024-30397 was published Apr 12, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address... Moderate Unreviewed
CVE-2024-30402 was published Apr 12, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding... Moderate Unreviewed
CVE-2024-30384 was published Apr 12, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of... Moderate Unreviewed
CVE-2024-30409 was published Apr 12, 2024
HPACK decoder panics on invalid input High
GHSA-w7hm-hmxv-pvhf was published for hpack (Rust) Apr 5, 2024
In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in... Low Unreviewed
CVE-2021-46934 was published Feb 27, 2024
In the Linux kernel, the following vulnerability has been resolved: ARM: footbridge: fix PCI... Moderate Unreviewed
CVE-2021-46909 was published Feb 27, 2024
Malformed S2 Nonce Get Command Class packets can be sent to crash PC Controller v5.54.0 and... Moderate Unreviewed
CVE-2023-6640 was published Feb 21, 2024
XSS sidekiq-unique-jobs UI server vulnerability High
CVE-2024-25122 was published for sidekiq-unique-jobs (RubyGems) Feb 13, 2024
pboling Earlopain
create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to... Moderate Unreviewed
CVE-2024-25739 was published Feb 12, 2024
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in... Moderate Unreviewed
CVE-2023-52429 was published Feb 12, 2024
Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of... High Unreviewed
CVE-2023-6874 was published Feb 5, 2024
moby docker daemon crash during image pull of malicious image Moderate
CVE-2021-21285 was published for github.com/moby/moby (Go) Jan 31, 2024
bgeesaman joshlarsen
IanColdwater mauilion raesene cpuguy83
BuildKit vulnerable to possible panic when incorrect parameters sent from frontend Moderate
CVE-2024-23650 was published for github.com/moby/buildkit (Go) Jan 31, 2024
cpuguy83
Vyper's raw_call `value=` kwargs not disabled for static and delegate calls Moderate
CVE-2024-24567 was published for vyper (pip) Jan 30, 2024
cyberthirst pcaversaccio
kuroi8 0xdeadbeef0x
Vulnerability of improper checking for unusual or exceptional conditions in Lamassu Bitcoin ATM... Moderate Unreviewed
CVE-2024-0675 was published Jan 30, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in Routing Protocol Daemon... High Unreviewed
CVE-2024-21614 was published Jan 12, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper... Moderate Unreviewed
CVE-2024-21603 was published Jan 12, 2024
The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2023-6742 was published Jan 11, 2024
ProTip! Advisories are also available from the GraphQL API