Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,974
Erlang
29
GitHub Actions
16
Go
1,763
Maven
4,988
npm
3,525
NuGet
615
pip
3,099
Pub
10
RubyGems
834
Rust
785
Swift
34
Unreviewed advisories
All unreviewed
5,000+

9 advisories

Loading
Low severity (DoS) vulnerability in sequoia-openpgp Low
GHSA-9344-p847-qm5c was published for sequoia-openpgp (Rust) Jun 26, 2024
A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as... Low Unreviewed
CVE-2024-6061 was published Jun 17, 2024
In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8... Low Unreviewed
CVE-2019-12068 was published May 24, 2022
Cosign vulnerable to possible endless data attack from attacker-controlled registry Low
CVE-2023-46737 was published for github.com/sigstore/cosign (Go) Nov 8, 2023
AdamKorcz pdeslaur
A vulnerability, which was classified as problematic, was found in InternalError503 Forget It up... Low Unreviewed
CVE-2015-10103 was published Apr 17, 2023
The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process... Low Unreviewed
CVE-2015-6815 was published May 24, 2022
Use of "infinity" as an input to datetime and date fields causes infinite loop in pydantic Low
CVE-2021-29510 was published for pydantic (pip) May 13, 2021
nina-j bluetech
An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the... Low Unreviewed
CVE-2020-14394 was published Aug 18, 2022
linux-loader reading beyond EOF could lead to infinite loop Low
CVE-2022-23523 was published for linux-loader (Rust) Dec 12, 2022
likebreath
ProTip! Advisories are also available from the GraphQL API