GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,967
Erlang: 29
GitHub Actions: 16
Go: 1,748
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,075
Pub: 10
RubyGems: 832
Rust: 781
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
5,896 advisories

In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when...
Moderate | Unreviewed | CVE-2023-52443 was published on Feb 22, 2024

In the Linux kernel, the following vulnerability has been resolved: ipv4: check for NULL idev in...
Moderate | Unreviewed | CVE-2024-36008 was published on May 20, 2024

EC-CUBE vulnerable to authorization bypass
Moderate | CVE-2014-0808 was published for ec-cube/ec-cube (Composer) on May 17, 2022

Buffer overflow in the picolcd_raw_event function in devices/hid/hid-picolcd_core.c in the...
Moderate | Unreviewed | CVE-2014-3186 was published on May 17, 2022

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock...
Moderate | Unreviewed | CVE-2024-27014 was published on May 1, 2024

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix...
Moderate | Unreviewed | CVE-2024-26987 was published on May 1, 2024

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Set scmnd->result...
Moderate | Unreviewed | CVE-2022-48692 was published on May 3, 2024

Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for Desktop, ArcGIS for Engine...
Moderate | Unreviewed | CVE-2014-9741 was published on May 17, 2022

Symfony has a security issue when parsing the Authorization header
Moderate | CVE-2014-6061 was published for symfony/http-foundation (Composer) on May 30, 2024

Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. Bx)...
Moderate | Unreviewed | CVE-2014-100005 was published on May 17, 2022

OpenStack Identity (Keystone) Denial of Service
Moderate | CVE-2013-2014 was published for keystone (pip) on May 13, 2022

A vulnerability has been found in Campcodes Complete Web-Based School Management System 1.0 and...
Moderate | Unreviewed | CVE-2024-5109 was published on May 20, 2024

Loop with Unreachable Exit Condition in Apache CXF
Moderate | CVE-2014-3584 was published for org.apache.cxf:cxf-rt-frontend-jaxrs (Maven) on May 13, 2022

OpenStack Glance Bypass the storage quota and Denial of service
Moderate | CVE-2014-9623 was published for glance (pip) on May 17, 2022

OpenStack Glance Denial of service by creating a large number of images
Moderate | CVE-2014-9684 was published for glance (pip) on May 17, 2022

OpenStack Glance Denial of service by creating a large number of images
Moderate | CVE-2015-1881 was published for glance (pip) on May 17, 2022

OpenStack Glance improper validation of the image_size_cap configuration option
Moderate | CVE-2014-5356 was published for glance (pip) on May 17, 2022

OpenStack Glance v2 API unrestricted path traversal through filesystem:// scheme
Moderate | CVE-2015-1195 was published for glance (pip) on May 14, 2022

OpenStack Swift metadata constraints are not correctly enforced
Moderate | CVE-2014-7960 was published for swift (pip) on May 17, 2022

OpenStack Nova Router metadata queries are not restricted by tenant
Moderate | CVE-2013-6419 was published for nova (pip) on May 17, 2022

OpenStack Cinder file disclosure in image convert
Moderate | CVE-2015-1851 was published for cinder (pip) on May 17, 2022

OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability
Moderate | CVE-2015-3219 was published for horizon (pip) on May 17, 2022

OpenStack Identity (Keystone) UUID v2 tokens does not expire with revocation events
Moderate | CVE-2014-5252 was published for keystone (pip) on May 17, 2022

ProTip! Advisories are also available from the GraphQL API.