Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,358
Erlang
33
GitHub Actions
22
Go
2,123
Maven
5,000+
npm
3,786
NuGet
683
pip
3,466
Pub
12
RubyGems
894
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

156 advisories

Loading
When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group... High Unreviewed
CVE-2023-4583 was published Sep 11, 2023
json2xml Uncaught Exception vulnerability High
CVE-2022-25024 was published for json2xml (pip) Aug 23, 2023
Feathers socket handler allows abusing implicit toString High
CVE-2023-37899 was published for @feathersjs/socketio (npm) Jul 20, 2023
CodeanIO
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding... High Unreviewed
CVE-2023-36835 was published Jul 14, 2023
VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not properly check whether header sizes... High Unreviewed
CVE-2023-35849 was published Jun 19, 2023
In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack... High Unreviewed
CVE-2023-21102 was published May 16, 2023
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could... High Unreviewed
CVE-2023-25619 was published Apr 19, 2023
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding... High Unreviewed
CVE-2023-28976 was published Apr 18, 2023
An Improper Check or Handling of Exceptional Conditions within the storm control feature of... High Unreviewed
CVE-2023-28965 was published Apr 18, 2023
libiec61850 v1.5.1 was discovered to contain a segmentation violation via the function... High Unreviewed
CVE-2023-27772 was published Apr 13, 2023
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0... High Unreviewed
CVE-2021-32846 was published Feb 18, 2023
Improper conditions check in the Intel(R) SUR software before version 2.4.8902 may allow an... High Unreviewed
CVE-2022-30692 was published Feb 16, 2023
An Improper Check for Unusual or Exceptional Conditions vulnerability in BGP route processing of... High Unreviewed
CVE-2023-22393 was published Jan 13, 2023
An improper check for unusual or exceptional conditions in the HTTP request processing function... High Unreviewed
CVE-2022-43393 was published Jan 11, 2023
Improper Check for Unusual or Exceptional Conditions vulnerability handling requests in Apache... High Unreviewed
CVE-2022-32749 was published Dec 19, 2022
Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS... High Unreviewed
CVE-2022-29278 was published Nov 16, 2022
Improper conditions check in some Intel(R) XMM(TM) 7560 Modem software before version... High Unreviewed
CVE-2022-26079 was published Nov 11, 2022
On SRX Series devices, an Improper Check for Unusual or Exceptional Conditions when using... High Unreviewed
CVE-2022-22218 was published Oct 18, 2022
fastify vulnerable to denial of service via malicious Content-Type High
CVE-2022-39288 was published for fastify (npm) Oct 11, 2022
B-i-t-K
A vulnerability in the DNS application layer gateway (ALG) functionality that is used by Network... High Unreviewed
CVE-2022-20837 was published Oct 11, 2022
An issue was discovered in wolfSSL before 5.5.0. When a TLS 1.3 client connects to a wolfSSL... High Unreviewed
CVE-2022-38152 was published Sep 1, 2022
An unauthenticated user can overload a part of HCL VersionVault Express and cause a denial of... High Unreviewed
CVE-2022-27563 was published Aug 31, 2022
An issue was discovered in Nginx NJS v0.7.5. The JUMP offset for a break instruction was not set... High Unreviewed
CVE-2022-35173 was published Aug 19, 2022
Improper handling of CSS at-rules in lettersanitizer High
CVE-2022-31103 was published for lettersanitizer (npm) Jun 23, 2022
Improper Handling of `callbackUrl` parameter in next-auth High
CVE-2022-31093 was published for next-auth (npm) Jun 21, 2022
stensrud
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database