GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,249
Erlang
31
GitHub Actions
21
Go
2,018
Maven
5,000+
npm
3,723
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
17 advisories
Filter by severity
eyre: Parts of Report are dropped as the wrong type during downcast
High
GHSA-4v52-7q2x-v4xj
was published
for
eyre
(Rust)
Apr 5, 2024
Duplicate advisory: Sequelize - Unsafe fall-through in getWhereConditions
High
GHSA-r3vq-92c6-3mqf
was published
for
@sequelize/core
(npm)
Feb 16, 2023
•
withdrawn
Vulnerable OpenSSL included in cryptography wheels
High
CVE-2023-0286
was published
for
cryptography
(pip)
Feb 8, 2023
Nokogiri implementation of libxslt vulnerable to heap corruption
High
CVE-2019-5815
was published
for
nokogiri
(RubyGems)
May 24, 2022
libxslt Type Confusion vulnerability that affects Nokogiri
High
CVE-2019-13118
was published
for
nokogiri
(RubyGems)
May 24, 2022
Nokogiri Improperly Handles Unexpected Data Type
High
CVE-2022-29181
was published
for
nokogiri
(RubyGems)
May 23, 2022
ChakraCore RCE Vulnerability
High
CVE-2016-7201
was published
for
Microsoft.ChakraCore
(NuGet)
May 14, 2022
ChakraCore RCE Vulnerability
High
CVE-2018-8384
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
ChakraCore RCE Vulnerability
High
CVE-2018-8291
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
ChakraCore RCE Vulnerability
High
CVE-2018-8298
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
ChakraCore RCE Vulnerability
High
CVE-2018-8229
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
ChakraCore RCE Vulnerability
High
CVE-2018-8133
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
Type Confusion in LiveHelperChat
High
CVE-2022-1176
was published
for
remdex/livehelperchat
(Composer)
Apr 1, 2022
Type confusion leading to segfault in Tensorflow
High
CVE-2022-21731
was published
for
tensorflow
(pip)
Feb 10, 2022
ProTip!
Advisories are also available from the
GraphQL API