GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,972
Erlang: 29
GitHub Actions: 16
Go: 1,762
Maven: 4,983
npm: 3,518
NuGet: 609
pip: 3,094
Pub: 10
RubyGems: 833
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
15 advisories
LZ4 vulnerable to Out-of-bounds Write [Critical]: CVE-2014-125026 was published for github.com/cloudflare/golz4 (Go), Dec 28, 2022
Subdomain Takeover in Interactsh server [Moderate]: CVE-2023-36474 was published for github.com/projectdiscovery/interactsh (Go), Jan 27, 2022
Hub Package Arbitrary File Overwrite [Moderate]: CVE-2014-0177 was published for github.com/github/hub (RubyGems), Feb 15, 2022
easy-scrypt Observable Timing Discrepancy vulnerability [Moderate]: CVE-2014-125055 was published for github.com/agnivade/easy-scrypt (Go), Jan 7, 2023
SQL Injection in gogs.io/gogs [Moderate]: CVE-2014-8681 was published for github.com/gogits/gogs (Go), Jun 29, 2021
Privilege Escalation in Docker [High]: CVE-2014-3499 was published for github.com/docker/docker (Go), Feb 15, 2022
gosqljson SQL Injection vulnerability [Critical]: CVE-2014-125064 was published for github.com/elgs/gosqljson (Go), Jan 7, 2023
Directory Traversal in Docker [Moderate]: CVE-2014-9358 was published for github.com/docker/docker (Go), Feb 15, 2022
Access Restriction Bypass in Docker [Moderate]: CVE-2014-6408 was published for github.com/docker/docker (Go), Feb 15, 2022
Cross-site Scripting in Gogs [Moderate]: CVE-2014-8683 was published for gogs.io/gogs (Go), Jun 29, 2021
Man-in-the-Middle (MitM) [Moderate]: CVE-2014-5277 was published for github.com/docker/docker (Go), Feb 15, 2022
Arbitrary Code Execution in Docker [High]: CVE-2014-6407 was published for github.com/docker/docker (Go), Feb 15, 2022
Path Traversal in Docker [High]: CVE-2014-9356 was published for github.com/docker/docker (Go), May 18, 2021
Arbitrary Code Execution [High]: CVE-2014-9357 was published for github.com/docker/docker (Go), Feb 15, 2022
ProTip! Advisories are also available from the GraphQL API.