Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

184 advisories

Loading
user/group information can be corrupted across storing in fsimage and reading back from fsimage High
CVE-2018-11768 was published for org.apache.hadoop:hadoop-main (Maven) Nov 20, 2019
Denial of service in Netty Moderate
CVE-2014-3488 was published for io.netty:netty-handler (Maven) Jun 30, 2020
Buffer Overflow in centra High
GHSA-v6cj-r88p-92rm was published for centra (npm) Sep 30, 2019
Improper Restriction of Operations within the Bounds of a Memory Buffer in akka-http-core High
CVE-2017-1000118 was published for com.typesafe.akka:akka-http-core_2.11 (Maven) Oct 22, 2018
Denial of Service in ethereumjs-vm High
CVE-2018-19183 was published for ethereumjs-vm (npm) Nov 21, 2018
Stack Overflow in Apache Mesos High
CVE-2018-11793 was published for org.apache.mesos:mesos (Maven) Mar 6, 2019
Memory leak in Nanopb Moderate
CVE-2020-26243 was published for nanopb (pip) Nov 25, 2020
Integer overflow in base64 Critical
CVE-2017-1000430 was published for base64 (Rust) Aug 25, 2021
Uninitialized memory access in outer_cgi Critical
CVE-2021-30454 was published for outer_cgi (Rust) Aug 25, 2021
Data races in libsbc High
CVE-2020-36440 was published for libsbc (Rust) Aug 25, 2021
Data races in convec High
CVE-2020-36445 was published for convec (Rust) Aug 25, 2021
Data races in beef High
CVE-2020-36442 was published for beef (Rust) Aug 25, 2021
Data races in unicycle High
CVE-2020-36436 was published for unicycle (Rust) Aug 25, 2021
Data race in ruspiro-singleton High
CVE-2020-36435 was published for ruspiro-singleton (Rust) Aug 25, 2021
Data races in async-coap High
CVE-2020-36444 was published for async-coap (Rust) Aug 25, 2021
Buffer Overflow in vyper High
CVE-2022-24788 was published for vyper (pip) Apr 20, 2022
Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Sling Moderate
CVE-2013-2254 was published for org.apache.sling:org.apache.sling.api (Maven) May 17, 2022
RSA-PSS signature validation vulnerability by prepending zeros in jsrsasign Critical
CVE-2020-14968 was published for jsrsasign (npm) Jun 26, 2020
Remote code execution in ASP.NET Core High
CVE-2020-0603 was published for Microsoft.AspNetCore.All (NuGet) May 24, 2022
skofman1
RSA PKCS#1 decryption vulnerability with prepending zeros in jsrsasign Critical
CVE-2020-14967 was published for jsrsasign (npm) Jun 26, 2020
linux-loader reading beyond EOF could lead to infinite loop Low
CVE-2022-23523 was published for linux-loader (Rust) Dec 12, 2022
likebreath
Denial of Service in Netty High
CVE-2020-11612 was published for io.netty:netty-handler (Maven) Jun 15, 2020
Inappropriate implementation in V8 in CefSharp High
CVE-2020-16013 was published for CefSharp.Common (NuGet) Nov 27, 2020
Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat High
CVE-2020-13934 was published for org.apache.tomcat:tomcat (Maven) Feb 8, 2022
Remote code execution in ChakraCore High
CVE-2020-1057 was published for Microsoft.ChakraCore (NuGet) Aug 2, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database