GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,386
Erlang
33
GitHub Actions
22
Go
2,144
Maven
5,000+
npm
3,808
NuGet
687
pip
3,480
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+
60 advisories
Filter by severity
In updateInputChannel of WindowManagerService.java, there is a possible way to set a touchable...
Moderate
Unreviewed
CVE-2023-21026
was published
Mar 24, 2023
In BitmapExport.java, there is a possible failure to truncate images due to a logic error in the...
Moderate
Unreviewed
CVE-2023-21036
was published
Mar 24, 2023
CometBFT allows a malicious peer to make node stuck in blocksync
Moderate
CVE-2025-24371
was published
for
github.com/cometbft/cometbft
(Go)
Feb 3, 2025
Vyper Does Not Check the Success of Certain Precompile Calls
Low
CVE-2025-21607
was published
for
vyper
(pip)
Jan 14, 2025
Lodestar snappy decompression issue
Low
GHSA-53rv-hcvm-rpp9
was published
for
@lodestar/reqresp
(npm)
Jan 14, 2025
notation-go has an OS error when setting CRL cache leads to denial of signature verification
Low
CVE-2024-51491
was published
for
github.com/notaryproject/notation-go
(Go)
Jan 13, 2025
Improper check of password character lenght in ORing IAP-420 allows a forced deadlock. This issue...
Moderate
Unreviewed
CVE-2024-55548
was published
Dec 10, 2024
The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-10781
was published
Nov 26, 2024
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could...
High
Unreviewed
CVE-2023-34348
was published
Jan 18, 2024
The UltimateAI plugin for WordPress is vulnerable to authentication bypass in all versions up to,...
Moderate
Unreviewed
CVE-2024-9104
was published
Oct 16, 2024
An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22...
Moderate
Unreviewed
CVE-2024-22023
was published
Apr 4, 2024
A null pointer dereference vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x)...
High
Unreviewed
CVE-2024-22052
was published
Apr 4, 2024
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti...
High
Unreviewed
CVE-2024-21894
was published
Apr 5, 2024
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x
22.x) and Ivanti...
High
Unreviewed
CVE-2024-22053
was published
Apr 4, 2024
Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola...
High
Unreviewed
CVE-2023-23774
was published
Aug 29, 2023
An unhandled edge case in the component _sanitizedPath of ZipArchive v2.5.4 allows attackers to...
Moderate
Unreviewed
CVE-2023-39136
was published
Aug 31, 2023
Denial of service due to incorrect application of event authorization rules
High
CVE-2022-31152
was published
for
matrix-synapse
(pip)
Aug 31, 2022
HashiCorpVault does not correctly validate OCSP responses
Moderate
CVE-2024-2660
was published
for
github.com/hashicorp/vault
(Go)
Apr 4, 2024
A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct...
Moderate
Unreviewed
CVE-2023-5090
was published
Nov 6, 2023
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All...
Low
Unreviewed
CVE-2024-37995
was published
Sep 10, 2024
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All...
Moderate
Unreviewed
CVE-2024-37992
was published
Sep 10, 2024
Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions
High
CVE-2024-6468
was published
for
github.com/hashicorp/vault
(Go)
Jul 11, 2024
In wlan, there is a possible denial of service due to incorrect error handling. This could lead...
High
Unreviewed
CVE-2024-20089
was published
Sep 2, 2024
Improper check or handling of exceptional conditions vulnerability
affecting Vonets
...
Critical
Unreviewed
CVE-2024-39815
was published
Aug 12, 2024
node-twain vulnerable to Improper Check or Handling of Exceptional Conditions
High
CVE-2024-21525
was published
for
node-twain
(npm)
Jul 10, 2024
ProTip!
Advisories are also available from the
GraphQL API