Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,685
Maven
5,000+
npm
4,318
NuGet
760
pip
4,092
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+

39 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix list... Moderate Unreviewed
CVE-2022-49393 was published Sep 22, 2025
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Prevent... Moderate Unreviewed
CVE-2025-38291 was published Jul 10, 2025
http-proxy-middleware can call writeBody twice because "else if" is not used Moderate
CVE-2025-32996 was published for http-proxy-middleware (npm) Apr 15, 2025
sealonohana
Credited to sealonohana
tough terminating targets role delegations are not respected Moderate
CVE-2025-2886 was published for tough (Rust) Mar 28, 2025
jku AdamKorcz
Credited to jku and AdamKorcz
In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx93-blk-ctrl:... Moderate Unreviewed
CVE-2024-53134 was published Dec 4, 2024
HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control flow vulnerability. The... Moderate Unreviewed
CVE-2024-30133 was published Nov 12, 2024
wasmtime has a runtime crash when combining tail calls with trapping imports Moderate
CVE-2024-47763 was published for wasmtime (Rust) Oct 9, 2024
alexcrichton fitzgen
Credited to alexcrichton and fitzgen
In the Linux kernel, the following vulnerability has been resolved: usb: config: fix iteration... Moderate Unreviewed
CVE-2023-52781 was published May 21, 2024
In the Linux kernel, the following vulnerability has been resolved: net: USB: Fix wrong... Moderate Unreviewed
CVE-2023-52742 was published May 21, 2024
Requests `Session` object does not verify requests after making first request with verify=False Moderate
CVE-2024-35195 was published for requests (pip) May 20, 2024
mikeassel sigmavirus24
nateprewitt
Credited to mikeassel, sigmavirus24, and nateprewitt
eZ Platform Rules to disable executable access are ignored on Platform.sh (eZ Cloud) Moderate
GHSA-6xch-2vxx-5pvr was published for ezsystems/ezplatform (Composer) May 15, 2024
An issue in phiola/src/afilter/conv.c:115 of phiola v2.0-rc22 allows a remote attacker to cause a... Moderate Unreviewed
CVE-2024-33431 was published May 1, 2024
A malicious insider exploiting this vulnerability can circumvent existing security controls put... Moderate Unreviewed
CVE-2024-0313 was published Mar 14, 2024
OpenZeppelin Contracts and Contracts Upgradeable duplicated execution of subcalls in v4.9.4 Moderate
CVE-2023-49798 was published for @openzeppelin/contracts (npm) Dec 12, 2023
Always incorrect control flow in github.com/mojocn/base64Captcha Moderate
CVE-2023-45292 was published for github.com/mojocn/base64Captcha (Go) Dec 12, 2023
Fiber unauthorized access vulnerability in `ctx.IsFromLocal()` Moderate
CVE-2023-41338 was published for github.com/gofiber/fiber (Go) Sep 8, 2023
schicho gaby
efectn jozsefsallai ReneWerner87
Credited to schicho, gaby, efectn, jozsefsallai, and ReneWerner87
incorrect order of evaluation of side effects for some builtins Moderate
CVE-2023-41052 was published for vyper (pip) Sep 4, 2023
trocher
Credited to trocher
Vyper: reversed order of side effects for some operations Moderate
CVE-2023-40015 was published for vyper (pip) Sep 4, 2023
trocher
Credited to trocher
Insufficient control flow management in the Hyperscan Library maintained by Intel(R) before... Moderate Unreviewed
CVE-2023-28711 was published Aug 11, 2023
Incorrect control flow in Jenkins Gradle Plugin breaks credentials masking in the build log Moderate
CVE-2023-39152 was published for org.jenkins-ci.plugins:gradle (Maven) Jul 26, 2023
Vyper's nonpayable default functions are sometimes payable Moderate
CVE-2023-32675 was published for vyper (pip) May 22, 2023
trocher
Credited to trocher
An issue was discovered in ONOS 2.5.1. An intent with the same source and destination shows the... Moderate Unreviewed
CVE-2022-29609 was published Apr 20, 2023
Insufficient control flow management for the Intel(R) SGX SDK software for Linux before version 2... Moderate Unreviewed
CVE-2022-26841 was published Feb 16, 2023
Seg fault in `ndarray_tensor_bridge` due to zero and large inputs Moderate
CVE-2022-41884 was published for tensorflow (pip) Nov 21, 2022
Incorrect is_static parameter for custom stateful precompiles in SputnikVM (evm) Moderate
CVE-2022-39354 was published for evm (Rust) Oct 25, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database