Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

66 advisories

Loading
Uncaught Exception in libpulse-binding Moderate
GHSA-wcxc-jf6c-8rx9 was published for libpulse-binding (Rust) Aug 25, 2021
Undertow Uncaught Exception vulnerability Moderate
CVE-2016-7046 was published for io.undertow:undertow-core (Maven) May 17, 2022
Unexpected server crash in Next.js Moderate
CVE-2022-36046 was published for next (npm) Aug 30, 2022
Uncaught exception in engine.io Moderate
CVE-2022-41940 was published for engine.io (npm) Nov 21, 2022
G-Rath
Credited to G-Rath
mercurius has Uncaught Exception when using subscriptions Moderate
CVE-2023-22477 was published for mercurius (npm) Jan 9, 2023
marcolanaro
Credited to marcolanaro
Uncaught Exception in zip4j Moderate
CVE-2022-24615 was published for net.lingala.zip4j:zip4j (Maven) Feb 25, 2022
srikanth-lingala
Credited to srikanth-lingala
Camaleon CMS vulnerable to Uncaught Exception Moderate
CVE-2021-25971 was published for camaleon_cms (RubyGems) May 24, 2022
Denial of Service in sequelize Moderate
GHSA-fw4p-36j9-rrj3 was published for sequelize (npm) Sep 3, 2020
XWiki Platform vulnerable to page render failure due to broken translations Moderate
CVE-2023-29520 was published for org.xwiki.platform:xwiki-platform-localization-source-wiki (Maven) Apr 20, 2023
stellar-strkey vulnerable to panic in SignedPayload::from_payload Moderate
CVE-2023-46135 was published for stellar-strkey (Rust) Oct 25, 2023
yeggor
Credited to yeggor
Uncaught exception for some Intel Unison software may allow an authenticated user to potentially... Moderate Unreviewed
CVE-2023-22290 was published Nov 14, 2023
Uncaught Exception in surrealdb Moderate
GHSA-jm4v-58r5-66hj was published for surrealdb (Rust) Jan 18, 2024
Tu0Laj1 jabis
Credited to Tu0Laj1 and jabis
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8 are susceptible to a Denial... Moderate Unreviewed
CVE-2024-21983 was published Feb 17, 2024
Uncaught Exception Handling Parsing Errors on Line Terminators Moderate
GHSA-8xff-473h-f863 was published for surrealdb (Rust) Feb 21, 2024
Cheyenne1025
Credited to Cheyenne1025
Uncaught Exception in Macro Expecting Native Function to Exist Moderate
GHSA-6wr5-jmpr-mjcx was published for surrealdb (Rust) Feb 21, 2024
idofilus
Credited to idofilus
StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.13 are susceptible to... Moderate Unreviewed
CVE-2023-27318 was published Feb 5, 2024
It was found in AMQ Online before 1.5.2 that injecting an invalid field to a user's AddressSpace... Moderate Unreviewed
CVE-2020-14348 was published May 24, 2022
NVIDIA Cumulus Linux contains a vulnerability in neighmgrd and nlmanager where an attacker on an... Moderate Unreviewed
CVE-2023-25526 was published Sep 20, 2023
Denial of service (DoS) vulnerability in the AMS module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-32995 was published May 14, 2024
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 integration... Moderate Unreviewed
CVE-2024-31904 was published May 22, 2024
@strapi/plugin-upload has a Denial-of-Service via Improper Exception Handling Moderate
CVE-2024-31217 was published for @strapi/plugin-upload (npm) Jun 12, 2024
CxDavidepaalte derrickmehaffy
Marc-Roig alexandrebodin
Credited to CxDavidepaalte, derrickmehaffy, Marc-Roig, and alexandrebodin
In flashc, there is a possible information disclosure due to an uncaught exception. This could... Moderate Unreviewed
CVE-2024-20048 was published Apr 1, 2024
Uncaught exception in Intel(R) RAID Web Console software all versions may allow an authenticated... Moderate Unreviewed
CVE-2024-33848 was published Sep 16, 2024
A denial of service vulnerability exists in all Silicon Labs Z-Wave controller and endpoint... Moderate Unreviewed
CVE-2023-5310 was published Dec 15, 2023
Malformed S2 Nonce Get Command Class packets can be sent to crash PC Controller v5.54.0 and... Moderate Unreviewed
CVE-2023-6640 was published Feb 21, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database