Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,748
Maven
4,978
npm
3,509
NuGet
609
pip
3,075
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+

5,896 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when... Moderate Unreviewed
CVE-2023-52443 was published Feb 22, 2024
In the Linux kernel, the following vulnerability has been resolved: ipv4: check for NULL idev in... Moderate Unreviewed
CVE-2024-36008 was published May 20, 2024
EC-CUBE vulnerable to authorization bypass Moderate
CVE-2014-0808 was published for ec-cube/ec-cube (Composer) May 17, 2022
Buffer overflow in the picolcd_raw_event function in devices/hid/hid-picolcd_core.c in the... Moderate Unreviewed
CVE-2014-3186 was published May 17, 2022
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock... Moderate Unreviewed
CVE-2024-27014 was published May 1, 2024
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix... Moderate Unreviewed
CVE-2024-26987 was published May 1, 2024
In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Set scmnd->result... Moderate Unreviewed
CVE-2022-48692 was published May 3, 2024
Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for Desktop, ArcGIS for Engine... Moderate Unreviewed
CVE-2014-9741 was published May 17, 2022
Symfony has a security issue when parsing the Authorization header Moderate
CVE-2014-6061 was published for symfony/http-foundation (Composer) May 30, 2024
Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. Bx)... Moderate Unreviewed
CVE-2014-100005 was published May 17, 2022
OpenStack Identity (Keystone) Denial of Service Moderate
CVE-2013-2014 was published for keystone (pip) May 13, 2022
A vulnerability has been found in Campcodes Complete Web-Based School Management System 1.0 and... Moderate Unreviewed
CVE-2024-5109 was published May 20, 2024
Code Injection in Django Moderate
CVE-2014-0472 was published for Django (pip) May 17, 2022
MarkLee131
Django Reuses Cached CSRF Token Moderate
CVE-2014-0473 was published for django (pip) May 17, 2022
MarkLee131
Loop with Unreachable Exit Condition in Apache CXF Moderate
CVE-2014-3584 was published for org.apache.cxf:cxf-rt-frontend-jaxrs (Maven) May 13, 2022
sunSUNQ SunBK201
OpenStack Glance Bypass the storage quota and Denial of service Moderate
CVE-2014-9623 was published for glance (pip) May 17, 2022
OpenStack Glance Denial of service by creating a large number of images Moderate
CVE-2014-9684 was published for glance (pip) May 17, 2022
OpenStack Glance Denial of service by creating a large number of images Moderate
CVE-2015-1881 was published for glance (pip) May 17, 2022
OpenStack Glance improper validation of the image_size_cap configuration option Moderate
CVE-2014-5356 was published for glance (pip) May 17, 2022
OpenStack Glance v2 API unrestricted path traversal through filesystem:// scheme Moderate
CVE-2015-1195 was published for glance (pip) May 14, 2022
OpenStack Swift metadata constraints are not correctly enforced Moderate
CVE-2014-7960 was published for swift (pip) May 17, 2022
OpenStack Nova Router metadata queries are not restricted by tenant Moderate
CVE-2013-6419 was published for nova (pip) May 17, 2022
OpenStack Cinder file disclosure in image convert Moderate
CVE-2015-1851 was published for cinder (pip) May 17, 2022
OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability Moderate
CVE-2015-3219 was published for horizon (pip) May 17, 2022
OpenStack Identity (Keystone) UUID v2 tokens does not expire with revocation events Moderate
CVE-2014-5252 was published for keystone (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API