Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

463 advisories

Loading
quic-go: Panic occurs when queuing undecryptable packets after handshake completion High
CVE-2025-59530 was published for github.com/quic-go/quic-go (Go) Oct 10, 2025
rsukhodolskyi
Credited to rsukhodolskyi
Volto affected by possible DoS by invoking specific URL by anonymous user High
CVE-2025-58047 was published for @plone/volto (npm) Aug 28, 2025
Certain instructions need intercepting and emulating by Xen. In some cases Xen emulates the... Moderate Unreviewed
CVE-2025-27465 was published Jul 16, 2025
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed
CVE-2022-23121 was published Mar 28, 2023
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code... Critical Unreviewed
CVE-2019-12815 was published May 24, 2022
bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a ... Critical Unreviewed
CVE-2023-38406 was published Nov 6, 2023
Vilar VS-IPC1002 IP cameras are vulnerable to DoS (Denial-of-Service) attacks. An unauthenticated... High Unreviewed
CVE-2025-53702 was published Oct 23, 2025
In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: prevent the... Moderate Unreviewed
CVE-2024-53063 was published Nov 19, 2024
In the Linux kernel, the following vulnerability has been resolved: nilfs2: propagate directory... Moderate Unreviewed
CVE-2024-50202 was published Nov 8, 2024
In the Linux kernel, the following vulnerability has been resolved: remoteproc: k3-r5: Fix error... Moderate Unreviewed
CVE-2024-50176 was published Nov 8, 2024
In the Linux kernel, the following vulnerability has been resolved: static_call: Handle module... Moderate Unreviewed
CVE-2024-50002 was published Oct 21, 2024
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix error path in... Moderate Unreviewed
CVE-2024-50001 was published Oct 21, 2024
Apache Tomcat - Denial of Service High
CVE-2024-34750 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jul 3, 2024
westonsteimel
Credited to westonsteimel
decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result... High Unreviewed
CVE-2021-28831 was published May 24, 2022
Wasmtime vulnerable to segfault when using component resources Low
CVE-2025-62711 was published for wasmtime (Rust) Oct 27, 2025
alexcrichton
Credited to alexcrichton
Apache Struts vulnerable to remote arbitrary command execution due to improper input validation Critical
CVE-2017-5638 was published for org.apache.struts:struts2-core (Maven) Oct 18, 2018
sunSUNQ
Credited to sunSUNQ
Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote... High Unreviewed
CVE-2021-38003 was published Nov 24, 2021
Improper handling of address deregistration on failure can lead to new GPU address allocation... Moderate Unreviewed
CVE-2021-1906 was published May 24, 2022
there is a possible way to bypass due to a logic error in the code. This could lead to local... High Unreviewed
CVE-2024-29748 was published Apr 5, 2024
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products,... High Unreviewed
CVE-2020-7247 was published May 24, 2022
A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco... High Unreviewed
CVE-2018-0155 was published May 13, 2022
An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022... High Unreviewed
CVE-2022-22265 was published Jan 11, 2022
LlamaIndex Improper Handling of Exceptional Conditions vulnerability High
CVE-2024-12704 was published for llama_index (pip) Mar 20, 2025
Improper Privilege Management vulnerability in Centreon web allows Privilege Escalation. ACL are... Moderate Unreviewed
CVE-2025-4649 was published May 13, 2025
mintplex-labs/anything-llm is vulnerable to multiple security issues due to improper input... High Unreviewed
CVE-2024-3152 was published Jun 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database