GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
42 advisories
Filter by severity
IBM MQ Operator 3.2.2 and IBM MQ Operator 2.0.24 could allow a user to bypass authentication...
High
Unreviewed
CVE-2024-39742
was published
Jul 8, 2024
The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6...
High
Unreviewed
CVE-2024-4032
was published
Jun 17, 2024
gifsicle-1.94 was found to have a floating point exception (FPE) vulnerability via resize_stream...
High
Unreviewed
CVE-2023-46009
was published
Oct 18, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This...
High
Unreviewed
CVE-2023-23845
was published
Sep 14, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This...
High
Unreviewed
CVE-2023-23840
was published
Sep 14, 2023
In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator...
High
Unreviewed
CVE-2023-40271
was published
Sep 8, 2023
Jenkins Google Login Plugin non-constant time token comparison
High
CVE-2023-41936
was published
for
org.jenkins-ci.plugins:google-login
(Maven)
Sep 6, 2023
Non-constant time nonce comparison in Jenkins Microsoft Entra ID (previously Azure AD) Plugin
High
CVE-2023-41935
was published
for
org.jenkins-ci.plugins:azure-ad
(Maven)
Sep 6, 2023
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed...
High
Unreviewed
CVE-2023-23764
was published
Jul 27, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This...
High
Unreviewed
CVE-2023-33225
was published
Jul 26, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This...
High
Unreviewed
CVE-2023-23844
was published
Jul 26, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This...
High
Unreviewed
CVE-2023-23843
was published
Jul 26, 2023
Experion server may experience a DoS due to a stack overflow when handling a specially crafted...
High
Unreviewed
CVE-2023-22435
was published
Jul 13, 2023
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
High
Unreviewed
CVE-2022-27645
was published
Mar 29, 2023
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
High
Unreviewed
CVE-2022-43621
was published
Mar 29, 2023
TensorFlow has Floating Point Exception in AudioSpectrogram
High
CVE-2023-25666
was published
for
tensorflow
(pip)
Mar 24, 2023
TensorFlow has Floating Point Exception in AvgPoolGrad with XLA
High
CVE-2023-25669
was published
for
tensorflow
(pip)
Mar 24, 2023
TensorFlow has Floating Point Exception in TensorListSplit with XLA
High
CVE-2023-25673
was published
for
tensorflow
(pip)
Mar 24, 2023
TensorFlow has Segfault in Bincount with XLA
High
CVE-2023-25675
was published
for
tensorflow
(pip)
Mar 24, 2023
TensorFlow has Floating Point Exception in TFLite in conv kernel
High
CVE-2023-27579
was published
for
tensorflow
(pip)
Mar 24, 2023
In JetBrains YouTrack before 2021.2.16363, time-unsafe comparisons were used.
High
Unreviewed
CVE-2021-37550
was published
May 24, 2022
chatwoot is vulnerable to Inefficient Regular Expression Complexity
High
Unreviewed
CVE-2021-3649
was published
May 24, 2022
Codiad Vulnerable to PHP Magic Hash Vulnerability
High
CVE-2020-23355
was published
for
codiad/codiad
(Composer)
May 24, 2022
A denial-of-service vulnerability exists in the traffic-logging functionality of FreyrSCADA IEC...
High
Unreviewed
CVE-2020-13559
was published
May 24, 2022
An unauthenticated client can trigger denial of service by issuing specially crafted wire...
High
Unreviewed
CVE-2019-20925
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API