Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,030
Maven
5,000+
npm
3,732
NuGet
662
pip
3,409
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+

184 advisories

Loading
ChakraCore RCE Vulnerability High
CVE-2020-0713 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
ChakraCore RCE Vulnerability High
CVE-2020-0712 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
ChakraCore RCE Vulnerability High
CVE-2020-0711 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
ChakraCore RCE Vulnerability High
CVE-2020-0710 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
Remote code execution in ASP.NET Core High
CVE-2020-0603 was published for Microsoft.AspNetCore.All (NuGet) May 24, 2022
skofman1
Out of bounds memory access in github.com/open-policy-agent/opa High
CVE-2022-28946 was published for github.com/open-policy-agent/opa (Go) May 20, 2022
PartialBufferOutputStream2 flush issues Moderate
CVE-2008-7227 was published for org.geoserver.web:gs-web-app (Maven) May 17, 2022 withdrawn
jodygarnett
Improper Restriction of Operations within the Bounds of a Memory Buffer in python-cjson Moderate
CVE-2010-1666 was published for python-cjson (pip) May 17, 2022
Django vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer High
CVE-2012-3444 was published for Django (pip) May 17, 2022
sunSUNQ
Lift Sensitive Information Disclosure Moderate
CVE-2013-3300 was published for net.liftweb:lift-webkit (Maven) May 17, 2022
OpenStack Compute (Nova) vulnerable to denial of service via XML Entity Expansion attack Moderate
CVE-2013-4179 was published for nova (pip) May 17, 2022
OpenStack Swift allows authenticated users to cause a denial of service Moderate
CVE-2013-4155 was published for swift (pip) May 17, 2022
SOAPpy vulnerable to XXE attacks Moderate
CVE-2014-3243 was published for SOAPpy (pip) May 17, 2022
Dulwich Buffer Overflow when handling pack files Critical
CVE-2015-0838 was published for dulwich (pip) May 17, 2022
Pillow Buffer overflow in Jpeg2KEncode.c High
CVE-2016-3076 was published for pillow (pip) May 17, 2022
ChakraCore RCE Vulnerability High
CVE-2017-0224 was published for Microsoft.ChakraCore (NuGet) May 17, 2022
ChakraCore RCE Vulnerability High
CVE-2017-0235 was published for Microsoft.ChakraCore (NuGet) May 17, 2022
ChakraCore RCE Vulnerability Critical
CVE-2017-0252 was published for Microsoft.ChakraCore (NuGet) May 17, 2022
ChakraCore RCE Vulnerability Critical
CVE-2017-0223 was published for Microsoft.ChakraCore (NuGet) May 17, 2022
ChakraCore RCE Vulnerability High
CVE-2017-0234 was published for Microsoft.ChakraCore (NuGet) May 17, 2022
ChakraCore RCE Vulnerability High
CVE-2017-0236 was published for Microsoft.ChakraCore (NuGet) May 17, 2022
ChakraCore RCE Vulnerability Critical
CVE-2017-8658 was published for Microsoft.ChakraCore (NuGet) May 17, 2022
PyFriBidi Buffer overflow in the fribidi_utf8_to_unicode function High
CVE-2012-1176 was published for pyfribidi (pip) May 17, 2022
Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Sling Moderate
CVE-2013-2254 was published for org.apache.sling:org.apache.sling.api (Maven) May 17, 2022
ChakraCore RCE Vulnerability High
CVE-2017-11792 was published for Microsoft.ChakraCore (NuGet) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database