GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,954
Erlang
29
GitHub Actions
16
Go
1,740
Maven
4,967
npm
3,504
NuGet
607
pip
3,064
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+
106 advisories
Filter by severity
Regular Expression Denial of Service in jsoneditor
Moderate
CVE-2021-3822
was published
for
jsoneditor
(npm)
Sep 29, 2021
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This...
High
Unreviewed
CVE-2023-23845
was published
Sep 14, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This...
High
Unreviewed
CVE-2023-23840
was published
Sep 14, 2023
Jenkins Google Login Plugin non-constant time token comparison
High
CVE-2023-41936
was published
for
org.jenkins-ci.plugins:google-login
(Maven)
Sep 6, 2023
Espeak-ng 1.52-dev was discovered to contain a Floating Point Exception via the function...
Moderate
Unreviewed
CVE-2023-49994
was published
Dec 12, 2023
Non-constant time nonce comparison in Jenkins Microsoft Entra ID (previously Azure AD) Plugin
High
CVE-2023-41935
was published
for
org.jenkins-ci.plugins:azure-ad
(Maven)
Sep 6, 2023
Non-constant time webhook token comparison in Jenkins GitLab Branch Source Plugin
Low
CVE-2024-23903
was published
for
io.jenkins.plugins:gitlab-branch-source
(Maven)
Jan 24, 2024
An unauthenticated client can trigger denial of service by issuing specially crafted wire...
High
Unreviewed
CVE-2019-20925
was published
May 24, 2022
A vulnerability was found in planet-freo up to 20150116 and classified as problematic. Affected...
Low
Unreviewed
CVE-2015-10129
was published
Feb 4, 2024
Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1...
High
Unreviewed
CVE-2016-10003
was published
May 17, 2022
IBM PowerSC 1.3, 2.0, and 2.1 uses Cross-Origin Resource Sharing (CORS) which could allow an...
Moderate
Unreviewed
CVE-2023-50940
was published
Feb 2, 2024
A potential attacker with access to the Westermo Lynx device would be able to execute...
Moderate
Unreviewed
CVE-2023-45213
was published
Feb 7, 2024
Logic error in authentication in proxy.py
High
CVE-2021-3116
was published
for
proxy.py
(pip)
Apr 7, 2021
xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the...
Moderate
Unreviewed
CVE-2005-2801
was published
May 1, 2022
gifsicle-1.94 was found to have a floating point exception (FPE) vulnerability via resize_stream...
High
Unreviewed
CVE-2023-46009
was published
Oct 18, 2023
An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of flow rules installed...
Moderate
Unreviewed
CVE-2021-38364
was published
Apr 20, 2023
An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of paths installed by...
Moderate
Unreviewed
CVE-2022-29944
was published
Apr 20, 2023
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed...
Moderate
Unreviewed
CVE-2023-23762
was published
Jul 6, 2023
A floating point exception vulnerability was found in sox, in the read_samples function at sox...
Moderate
Unreviewed
CVE-2023-32627
was published
Jul 10, 2023
Experion server may experience a DoS due to a stack overflow when handling a specially crafted...
High
Unreviewed
CVE-2023-22435
was published
Jul 13, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This...
High
Unreviewed
CVE-2023-23843
was published
Jul 26, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This...
High
Unreviewed
CVE-2023-23844
was published
Jul 26, 2023
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed...
High
Unreviewed
CVE-2023-23764
was published
Jul 27, 2023
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed...
Moderate
Unreviewed
CVE-2023-23765
was published
Aug 31, 2023
In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator...
High
Unreviewed
CVE-2023-40271
was published
Sep 8, 2023
ProTip!
Advisories are also available from the
GraphQL API