Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,822
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

4,983 advisories

Loading
"Arbitrary code execution in socket.io-file" High
CVE-2020-24807 was published for socket.io-file (npm) May 10, 2021
cumulative-distribution-function Infinite Loop vulnerability High
CVE-2021-29486 was published for cumulative-distribution-function (npm) May 4, 2021
Externally Controlled Reference to a Resource in Another Sphere, Improper Input Validation, and External Control of File Name or Path in Ansible High
CVE-2019-14905 was published for ansible (pip) Apr 20, 2021
OS Command Injection and Improper Input Validation in ansible High
CVE-2019-14904 was published for ansible (pip) Apr 20, 2021
Sydent vulnerable to denial of service attack via memory exhaustion High
CVE-2021-29430 was published for matrix-sydent (pip) Apr 19, 2021
Improper Input Validation in klona High
CVE-2020-8125 was published for klona (npm) Apr 13, 2021
Code injection in port-killer High
CVE-2021-23359 was published for port-killer (npm) Apr 13, 2021
Improper Input Validation in sopel-plugins.channelmgnt High
CVE-2021-21431 was published for sopel-plugins.channelmgnt (pip) Apr 9, 2021
Prototype Pollution in y18n High
CVE-2020-7774 was published for y18n (npm) Mar 29, 2021
Broken Access Control in Form Framework High
CVE-2021-21357 was published for typo3/cms (Composer) Mar 23, 2021
sushiwushi waldhacker1
Regular Expression Denial-of-Service in npm schema-inspector High
CVE-2021-21267 was published for schema-inspector (npm) Mar 19, 2021
erik-krogh
Improper Input Validation (RCE) High
CVE-2021-26814 was published for wazuh (npm) Mar 18, 2021
URIjs Hostname spoofing via backslashes in URL High
CVE-2021-27516 was published for urijs (npm) Mar 1, 2021
Yaniv-git
Denial of Service in i18n High
CVE-2020-7791 was published for i18n (NuGet) Dec 14, 2020
Denial of service attack due to invalid JSON High
CVE-2020-26890 was published for matrix-synapse (pip) Nov 24, 2020
dkasak
Vulnerability in RPKI manifest validation High
GHSA-q76j-58cx-wp5v was published for net.ripe.rpki:rpki-validator-3 (Maven) Nov 13, 2020
Prototype pollution in object-path High
CVE-2020-15256 was published for object-path (npm) Oct 19, 2020
alromh87 JamieSlome
Asjidkalam huntr-helper
Unpreventable top-level navigation High
CVE-2020-15174 was published for electron (npm) Oct 6, 2020
masatokinugawa
Potential access control security issue in apollo-adminservice High
CVE-2020-15170 was published for com.ctrip.framework.apollo:apollo-core (Maven) Oct 2, 2020
File restriction bypass in socket.io-file High
GHSA-6495-8jvh-f28x was published for socket.io-file (npm) Oct 2, 2020
Segmentation fault in tensorflow-lite High
CVE-2020-15210 was published for tensorflow (pip) Sep 25, 2020
Denial of Service in Tensorflow High
CVE-2020-15206 was published for tensorflow (pip) Sep 25, 2020
Denial of Service in Tensorflow High
CVE-2020-15203 was published for tensorflow (pip) Sep 25, 2020
Segfault in Tensorflow High
CVE-2020-15200 was published for tensorflow (pip) Sep 25, 2020
Denial of Service in Tensorflow High
CVE-2020-15199 was published for tensorflow (pip) Sep 25, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database