Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

78 advisories

Loading
phonenumber panics on parsing crafted RFC3966 inputs High
CVE-2023-42444 was published for phonenumber (Rust) Sep 21, 2023
sno2 gferon
Credited to sno2 and gferon
Denial of Service Vulnerability in gRPC TCP Server (Posix-compatible platforms) High
CVE-2023-4785 was published for grpc (RubyGems) Sep 13, 2023
hahwul
Credited to hahwul
Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola... High Unreviewed
CVE-2023-23774 was published Aug 29, 2023
json2xml Uncaught Exception vulnerability High
CVE-2022-25024 was published for json2xml (pip) Aug 23, 2023
DoS vulnerability for apps with sockets enabled High
CVE-2023-38504 was published for sails (npm) Jul 27, 2023
ThomasRinsma DominusKelvin
eashaw
Credited to ThomasRinsma, DominusKelvin, and eashaw
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ... High Unreviewed
CVE-2023-22941 was published Jul 6, 2023
Vulnerability of failures to capture exceptions in the communication framework. Successful... High Unreviewed
CVE-2023-1691 was published Jul 6, 2023
Unchecked parameter value in M-Files Server in versions before 23.6.12695.3 (excluding 23.2 SR2... High Unreviewed
CVE-2023-3405 was published Jun 27, 2023
Uncaught Exception in yaml High
CVE-2023-2251 was published for yaml (npm) Apr 24, 2023
chadlwilson pmartinat
mrgrain
Credited to chadlwilson, pmartinat, and mrgrain
Uncaught Exception in thorsten/phpmyfaq High
CVE-2023-0790 was published for thorsten/phpmyfaq (Composer) Feb 12, 2023
NLnet Labs Krill supports direct access to the RRDP repository content through its built-in web... High Unreviewed
CVE-2023-0158 was published Jan 17, 2023
In F?Secure Endpoint Protection for Windows and macOS before channel with Capricorn database 2022... High Unreviewed
CVE-2022-38166 was published Nov 25, 2022
fastify/websocket vulnerable to uncaught exception via crash on malformed packet High
CVE-2022-39386 was published for @fastify/websocket (npm) Nov 7, 2022
marcolanaro ramonsnir
tdunlap607
Credited to marcolanaro, ramonsnir, and tdunlap607
Keylime: unhandled exceptions could lead to invalid attestation states High
CVE-2022-3500 was published for Keylime (pip) Oct 28, 2022
galmasi
Credited to galmasi
A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are... High Unreviewed
CVE-2022-20919 was published Oct 1, 2022
Uncaught Exception (due to a data race) leads to process termination in Waitress High
CVE-2022-31015 was published for waitress (pip) Jun 2, 2022
oakkitten
Credited to oakkitten
A vulnerability has been identified in SIMATIC ET 200SP Open Controller (incl. SIPLUS variants) ... High Unreviewed
CVE-2020-15796 was published May 24, 2022
Crash in HeaderParser in dicer High
CVE-2022-24434 was published for dicer (Maven) May 21, 2022
dloetzke
Credited to dloetzke
Crash when decoding malformed HTTP requests or malformed JSON payload High
CVE-2018-1330 was published for org.apache.mesos:mesos (Maven) May 14, 2022
Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting... High Unreviewed
CVE-2016-10363 was published May 13, 2022
A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP... High Unreviewed
CVE-2019-6575 was published May 13, 2022
Uncaught Exception in bignum High
CVE-2022-25324 was published for bignum (npm) May 7, 2022
Denial-of-Service when binding invalid parameters in sqlite3 High
CVE-2022-21227 was published for sqlite3 (npm) Apr 28, 2022
cristianstaicu
Credited to cristianstaicu
Denial of Service vulnerability in @podium/layout and @podium/proxy High
CVE-2022-24822 was published for @podium/layout (npm) Apr 7, 2022
DOS and Open Redirect with user input High
CVE-2021-22964 was published for fastify-static (npm) Oct 12, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database