GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+
318 advisories
Filter by severity
Malformed S2 Nonce Get command classes can be sent to crash the gateway. A hard reset is...
High
Unreviewed
CVE-2024-3052
was published
Apr 27, 2024
A denial of service vulnerability exists in all Silicon Labs Z-Wave controller and endpoint...
Moderate
Unreviewed
CVE-2023-5310
was published
Dec 15, 2023
Malformed S2 Nonce Get Command Class packets can be sent to crash PC Controller v5.54.0 and...
Moderate
Unreviewed
CVE-2023-6640
was published
Feb 21, 2024
json2xml Uncaught Exception vulnerability
High
CVE-2022-25024
was published
for
json2xml
(pip)
Aug 23, 2023
Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of...
High
Unreviewed
CVE-2023-6874
was published
Feb 5, 2024
An unauthenticated remote attacker can causes the CODESYS web server to access invalid memory...
High
Unreviewed
CVE-2024-8175
was published
Sep 25, 2024
Potential Captcha Validate Bypass in flask-session-captcha
Moderate
CVE-2022-24880
was published
for
flask-session-captcha
(pip)
Apr 26, 2022
When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group...
High
Unreviewed
CVE-2023-4583
was published
Sep 11, 2023
Cipher.update_into can corrupt memory if passed an immutable python object as the outbuf
Moderate
CVE-2023-23931
was published
for
cryptography
(pip)
Feb 7, 2023
A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and...
Moderate
Unreviewed
CVE-2024-20506
was published
Sep 5, 2024
A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an...
Moderate
Unreviewed
CVE-2024-7006
was published
Aug 12, 2024
In wlan, there is a possible denial of service due to incorrect error handling. This could lead...
High
Unreviewed
CVE-2024-20089
was published
Sep 2, 2024
An application can be configured to block boot attempts after consecutive tamper resets are...
Low
Unreviewed
CVE-2024-2502
was published
Aug 30, 2024
In pq, there is a possible write-what-where condition due to an incorrect bounds check. This...
Moderate
Unreviewed
CVE-2024-20037
was published
Mar 4, 2024
Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2 fail to...
Moderate
Unreviewed
CVE-2024-42411
was published
Aug 22, 2024
In the Linux kernel, the following vulnerability has been resolved:
tipc: Return non-zero value...
High
Unreviewed
CVE-2024-42284
was published
Aug 17, 2024
DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior to 16.10.6 and 16.11.0 prior...
Low
Unreviewed
CVE-2024-5469
was published
Jun 14, 2024
Jenkins Remoting library arbitrary file read vulnerability
Critical
CVE-2024-43044
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Aug 7, 2024
CVE-2024-40619 IMPACT
A denial-of-service vulnerability exists in the affected products. The...
High
Unreviewed
CVE-2024-40619
was published
Aug 14, 2024
Improper conditions check in Linux kernel mode driver for some Intel(R) Ethernet Network...
Moderate
Unreviewed
CVE-2024-21806
was published
Aug 14, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address...
High
Unreviewed
CVE-2024-39517
was published
Jul 11, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in packet processing of...
High
Unreviewed
CVE-2024-39559
was published
Jul 11, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd)...
Moderate
Unreviewed
CVE-2024-39561
was published
Jul 11, 2024
In the Linux kernel, the following vulnerability has been resolved:
tcp_metrics: validate source...
Critical
Unreviewed
CVE-2024-42154
was published
Jul 30, 2024
socket.io has an unhandled 'error' event
High
CVE-2024-38355
was published
for
socket.io
(npm)
Jun 19, 2024
ProTip!
Advisories are also available from the
GraphQL API