Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,685
Maven
5,000+
npm
4,318
NuGet
760
pip
4,092
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+

24 advisories

Loading
Unhandled case in node-lmdb High
CVE-2022-21164 was published for node-lmdb (npm) Mar 17, 2022
An Improper Handling of Unexpected Data Type vulnerability in the Routing Protocol Daemon (rpd)... Moderate Unreviewed
CVE-2022-22193 was published Apr 15, 2022
Passing in a non-string 'html' argument can lead to unsanitized output Moderate
CVE-2021-32696 was published for striptags (npm) Jun 18, 2021
erik-krogh
Credited to erik-krogh
Improper Handling of Unexpected Data Type in ced High
CVE-2021-39131 was published for ced (npm) Aug 23, 2021
cristianstaicu
Credited to cristianstaicu
Duplicate advisory: swift-nio-http2 vulnerable to denial of service via ALTSVC or ORIGIN frames High
GHSA-gpgx-whwh-r297 was published for github.com/apple/swift-nio-http2 (Swift) Feb 11, 2022 withdrawn
swift-nio-http2 vulnerable to denial of service via ALTSVC or ORIGIN frames High
CVE-2022-24668 was published for github.com/apple/swift-nio-http2 (Swift) May 18, 2023
An Improper Handling of Unexpected Data Type vulnerability in IPv6 firewall filter processing of... Moderate Unreviewed
CVE-2023-28961 was published Apr 18, 2023
An attacker sending a single malformed IEEE 802.15.4 (Zigbee) frame makes the TRÅDFRI bulb blink,... High Unreviewed
CVE-2022-39064 was published Jul 6, 2023
Denial-of-service in NodeBB <= v2.8.10 allows unauthenticated attackers to trigger a crash, when... High Unreviewed
CVE-2023-30591 was published Sep 29, 2023
A single malformed IEEE 802.15.4 (Zigbee) frame makes the TRÅDFRI gateway unresponsive, such that... Moderate Unreviewed
CVE-2022-39065 was published Jul 6, 2023
A flaw was found in libnbd. A server can reply with a block size larger than 2^63 (the NBD spec... Moderate Unreviewed
CVE-2023-5215 was published Sep 28, 2023
Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains an improper handling of unexpected... Moderate Unreviewed
CVE-2024-25966 was published May 14, 2024
speaker vulnerable to Denial of Service High
CVE-2024-21526 was published for speaker (npm) Jul 10, 2024
images vulnerable to Denial of Service High
CVE-2024-21523 was published for images (npm) Jul 10, 2024
Insufficient argument checking in Secure state Entry functions in software using Cortex-M... Moderate Unreviewed
CVE-2024-0151 was published Apr 24, 2024
Certain HP LaserJet printers may potentially experience a denial of service when a user sends a... Moderate Unreviewed
CVE-2024-9423 was published Oct 2, 2024
Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an... High Unreviewed
CVE-2021-40116 was published May 24, 2022
Certain HP LaserJet Pro printers may potentially experience a denial of service when a user sends... Moderate Unreviewed
CVE-2025-1004 was published Feb 6, 2025
An issue in Tuya Smart camera U6N v.3.2.5 allows a remote attacker to cause a denial of service... Low Unreviewed
CVE-2024-32268 was published Apr 29, 2024
The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when... Moderate Unreviewed
CVE-2025-2268 was published Mar 14, 2025
Nokogiri Improperly Handles Unexpected Data Type High
CVE-2022-29181 was published for nokogiri (RubyGems) May 23, 2022
agustingianni decsecre583
Credited to agustingianni and decsecre583
on-headers is vulnerable to http response header manipulation Low
CVE-2025-7339 was published for on-headers (npm) Jul 17, 2025
ctcpip jonchurch
SPodjasek UlisesGascon sheplu Zen-cronic
Credited to ctcpip, jonchurch, SPodjasek, UlisesGascon, sheplu, and Zen-cronic
Improper input validation in Satellite Management Controller (SMC) may allow an attacker with... Moderate Unreviewed
CVE-2024-21935 was published Sep 24, 2025
Improper input validation in Satellite Management Controller (SMC) may allow an attacker with... Moderate Unreviewed
CVE-2024-21927 was published Sep 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database