GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
37 advisories
Filter by severity
Vulnerability of uncaught exceptions in the NFC module. Successful exploitation of this...
High
Unreviewed
CVE-2023-46765
was published
Nov 8, 2023
SurrealDB has an Uncaught Exception Handling Parsing Errors on Empty Strings
High
GHSA-qjrv-v6qp-x99x
was published
for
surrealdb
(Rust)
Oct 8, 2024
Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola...
High
Unreviewed
CVE-2023-23774
was published
Aug 29, 2023
Malformed Device Reset Locally command classes can be sent to temporarily deny service to an end...
High
Unreviewed
CVE-2024-3051
was published
Apr 27, 2024
Malformed S2 Nonce Get command classes can be sent to crash the gateway. A hard reset is...
High
Unreviewed
CVE-2024-3052
was published
Apr 27, 2024
json2xml Uncaught Exception vulnerability
High
CVE-2022-25024
was published
for
json2xml
(pip)
Aug 23, 2023
Keylime: unhandled exceptions could lead to invalid attestation states
High
CVE-2022-3500
was published
for
Keylime
(pip)
Oct 28, 2022
panic on parsing crafted phonenumber inputs
High
CVE-2024-39697
was published
for
phonenumber
(Rust)
Jul 9, 2024
Unchecked parameter value in M-Files Server in versions before 23.6.12695.3 (excluding 23.2 SR2...
High
Unreviewed
CVE-2023-3405
was published
Jun 27, 2023
Boa has an uncaught exception when transitioning the state of `AsyncGenerator` objects
High
CVE-2024-43367
was published
for
boa_engine
(Rust)
Aug 14, 2024
Panic when parsing invalid palette-color images in golang.org/x/image
High
CVE-2024-24792
was published
for
golang.org/x/image
(Go)
Jun 26, 2024
badmonkey, a Security Researcher has found a flaw that allows for a unauthenticated DoS attack on...
High
Unreviewed
CVE-2023-5038
was published
Jun 25, 2024
Denial of Service Vulnerability in gRPC TCP Server (Posix-compatible platforms)
High
CVE-2023-4785
was published
for
grpc
(RubyGems)
Sep 13, 2023
Vulnerability of failures to capture exceptions in the communication framework. Successful...
High
Unreviewed
CVE-2023-1691
was published
Jul 6, 2023
A vulnerability in Cisco IOS Software for Cisco Catalyst 6000 Series Switches could allow an...
High
Unreviewed
CVE-2024-20276
was published
Mar 27, 2024
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets...
High
Unreviewed
CVE-2023-3966
was published
Feb 22, 2024
A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and...
High
Unreviewed
CVE-2023-20086
was published
Nov 1, 2023
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ...
High
Unreviewed
CVE-2023-22941
was published
Jul 6, 2023
Uncaught exception for some Intel Unison software may allow an authenticated user to potentially...
High
Unreviewed
CVE-2023-22292
was published
Nov 14, 2023
phonenumber panics on parsing crafted RFC3966 inputs
High
CVE-2023-42444
was published
for
phonenumber
(Rust)
Sep 21, 2023
quic-go vulnerable to pointer dereference that can lead to panic
High
CVE-2023-46239
was published
for
github.com/quic-go/quic-go
(Go)
Oct 30, 2023
DoS vulnerability for apps with sockets enabled
High
CVE-2023-38504
was published
for
sails
(npm)
Jul 27, 2023
A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are...
High
Unreviewed
CVE-2022-20919
was published
Oct 1, 2022
ProTip!
Advisories are also available from the
GraphQL API