GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
36 advisories
Filter by severity
Denial of Service in https-proxy-agent
Critical
CVE-2018-3739
was published
for
https-proxy-agent
(npm)
Jul 27, 2018
Remote code injection, Improper Input Validation and Uncontrolled Recursion in Log4j library
Critical
GHSA-3qpm-h9ch-px3c
was published
for
org.powernukkit:powernukkit
(Maven)
Jan 6, 2022
Security Advisory for "Log4Shell"
Critical
GHSA-v57x-gxfj-484q
was published
for
com.hazelcast.jet:hazelcast-jet
(Maven)
Jan 21, 2022
Certain General Electric Renewable Energy products allow attackers to use a code to trigger a...
Critical
Unreviewed
CVE-2022-24118
was published
Dec 26, 2022
StarWind iSCSI SAN before 6.0 build 2013-03-20 allows a memory leak.
Critical
Unreviewed
CVE-2013-20004
was published
Feb 12, 2022
In IoTivity through 1.3.1, the CoAP server interface can be used for Distributed Denial of...
Critical
Unreviewed
CVE-2019-9750
was published
May 13, 2022
The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a...
Critical
Unreviewed
CVE-2017-1000378
was published
May 13, 2022
Rockwell Automation PowerFlex 525 AC Drives 5.001 and earlier allow remote attackers to cause a...
Critical
Unreviewed
CVE-2018-19282
was published
May 14, 2022
The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 allows attackers to cause a...
Critical
Unreviewed
CVE-2017-9119
was published
May 14, 2022
There is an Uncontrolled resource consumption vulnerability in the display module in smartphones....
Critical
Unreviewed
CVE-2021-40011
was published
Jan 11, 2022
Server-Side Request Forgery and Uncontrolled Resource Consumption in LemMinX
Critical
CVE-2022-0671
was published
for
org.eclipse.lemminx:lemminx-parent
(Maven)
Feb 19, 2022
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5...
Critical
Unreviewed
CVE-2023-28507
was published
Mar 29, 2023
bson is vulnerable to denial of service due to incorrect regex validation
Critical
CVE-2015-4412
was published
for
bson
(RubyGems)
Mar 5, 2018
ecnepsnai/web vulnerable to Uncontrolled Resource Consumption
Critical
CVE-2021-4236
was published
for
github.com/ecnepsnai/web
(Go)
Dec 28, 2022
Prototype Pollution in just-extend
Critical
CVE-2018-16489
was published
for
just-extend
(npm)
Feb 7, 2019
Prototype Pollution in node.extend
Critical
CVE-2018-16491
was published
for
node.extend
(npm)
Feb 7, 2019
Prototype Pollution in defaults-deep
Critical
CVE-2018-16486
was published
for
defaults-deep
(npm)
Feb 7, 2019
Prototype Pollution in asciitable.js
Critical
CVE-2020-7771
was published
for
asciitable.js
(npm)
Apr 13, 2021
JSONUtil vulnerable to stack exhaustion
Critical
CVE-2023-34615
was published
for
net.pwall.json:jsonutil
(Maven)
Jun 14, 2023
Through the exploitation of active user sessions, an attacker could send custom requests to...
Critical
Unreviewed
CVE-2023-50707
was published
Dec 20, 2023
Index of array is processed in a wrong way inside a while loop and result in invalid index (-1 or...
Critical
Unreviewed
CVE-2018-11936
was published
May 24, 2022
Resource allocation error while playing the video whose dimensions are more than supported...
Critical
Unreviewed
CVE-2019-2259
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API