Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

809 advisories

Loading
Code execution in Apache Struts 1 plugin Critical
CVE-2017-9791 was published for org.apache.struts:struts2-struts1-plugin (Maven) May 13, 2022
Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection... Critical Unreviewed
CVE-2023-32462 was published Feb 15, 2024
Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to... Critical Unreviewed
CVE-2017-11357 was published May 14, 2022
Memory corruption while redirecting log file to any file location with any file name. Critical Unreviewed
CVE-2024-21473 was published Apr 1, 2024
Memory corruption in Core Services while executing the command for removing a single event listener. Critical Unreviewed
CVE-2023-28578 was published Mar 4, 2024
The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent... Critical Unreviewed
CVE-2017-8923 was published May 14, 2022
In attp_build_read_by_type_value_cmd of att_protocol.cc , there is a possible out of bounds write... Critical Unreviewed
CVE-2024-0031 was published Feb 16, 2024
CWE-20: Improper Input Validation vulnerability exists that could lead to a denial of service and... Critical Unreviewed
CVE-2024-11737 was published Dec 11, 2024
Improper Input Validation vulnerability in ABB ASPECT-Enterprise on Linux, ABB NEXUS Series on... Critical Unreviewed
CVE-2024-6298 was published Jul 5, 2024
Improper Input Validation in Twisted Critical
CVE-2020-10108 was published for Twisted (pip) Mar 31, 2020
GitPython vulnerable to Remote Code Execution due to improper user input validation Critical
CVE-2022-24439 was published for GitPython (pip) Dec 6, 2022
ad-m-ss tdunlap607
Ansible is vulnerable to an improper input validation in Ansible's handling of data sent from client systems Critical
CVE-2016-9587 was published for ansible (pip) Oct 10, 2018
Improper Input Validation in PyYAML Critical
CVE-2020-1747 was published for pyyaml (pip) Apr 20, 2021
tdunlap607 amita-seal
SaltStack Salt Unauthenticated Remote Code Execution Critical
CVE-2020-11651 was published for salt (pip) May 24, 2022
Improper Input Validation in PyYAML Critical
CVE-2020-14343 was published for PyYAML (pip) Mar 25, 2021
python-gnupg vulnerable to shell injection Critical
CVE-2014-1929 was published for python-gnupg (pip) Nov 6, 2018
OpenStack Murano Code Execution Critical
CVE-2016-4972 was published for murano (pip) May 17, 2022
SaltStack Salt Improper Validation of eauth credentials and tokens in salt-netapi Critical
CVE-2020-25592 was published for salt (pip) May 24, 2022
A vulnerability can occur when capturing a media stream when the media source type is changed as... Critical Unreviewed
CVE-2018-5156 was published May 14, 2022
An Improper Input Validation vulnerability in Zscaler Client Connector on Linux allows Privilege... Critical Unreviewed
CVE-2023-28805 was published Oct 23, 2023
Radicale vulnerable to arbitrary file read or write Critical
CVE-2015-8747 was published for Radicale (pip) May 17, 2022
Vendure asset server plugin has local file read vulnerability with AssetServerPlugin & LocalAssetStorageStrategy Critical
CVE-2024-48914 was published for @vendure/asset-server-plugin (npm) Oct 15, 2024
Chunghwa Telecom NOKIA G-040W-Q Firewall function has a vulnerability of input validation for... Critical Unreviewed
CVE-2023-41355 was published Nov 3, 2023
Enabling Simple Ajax Uploader plugin included in Laragon open-source software allows for a remote... Critical Unreviewed
CVE-2024-0864 was published Feb 29, 2024
Memory corruption while redirecting log file to any file location with any file name. Critical Unreviewed
CVE-2024-33066 was published Oct 7, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database