Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

46 advisories

Loading
Insufficient Error Handling in http-proxy High
CVE-2017-16014 was published for http-proxy (npm) Nov 9, 2018
An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022... High Unreviewed
CVE-2022-22265 was published Jan 11, 2022
Unhandled case in node-lmdb High
CVE-2022-21164 was published for node-lmdb (npm) Mar 17, 2022
An exploitable memory corruption vulnerability exists in the JavaScript engine of Foxit Software... High Unreviewed
CVE-2019-5031 was published May 24, 2022
Improper handling of exceptional conditions in Bixby prior to version 3.0.53.02 allows attacker... High Unreviewed
CVE-2021-25380 was published May 24, 2022
Denial of service in Open Policy Agent High
CVE-2022-33082 was published for github.com/open-policy-agent/opa (Go) Jul 1, 2022
srenatus kurt-r2c
Denial of service due to incorrect application of event authorization rules High
CVE-2022-31152 was published for matrix-synapse (pip) Aug 31, 2022
A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive... Moderate Unreviewed
CVE-2022-20924 was published Nov 16, 2022
nadesiko3 allows remote attacker to inject invalid value to decodeURIComponent of nako3edit Moderate
CVE-2022-41777 was published for nadesiko3 (npm) Dec 5, 2022
vitess allows users to create keyspaces that can deny access to already existing keyspaces Moderate
CVE-2023-29194 was published for vitess.io/vitess (Go) Apr 11, 2023
AdamKorcz ajm188
A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an... Moderate Unreviewed
CVE-2023-0004 was published Apr 12, 2023
An Improper Check or Handling of Exceptional Conditions within the storm control feature of... High Unreviewed
CVE-2023-28965 was published Apr 18, 2023
An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing of... Moderate Unreviewed
CVE-2023-28959 was published Apr 18, 2023
An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing on the... Moderate Unreviewed
CVE-2023-28970 was published Apr 18, 2023
NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware,... High Unreviewed
CVE-2023-0204 was published Apr 22, 2023
VTAdmin users that can create shards can deny access to other functions Moderate
CVE-2023-29195 was published for vitess.io/vitess (Go) May 11, 2023
AdamKorcz ajm188
An Improper Check or Handling of Exceptional Conditions vulnerability in the UTM (Unified Threat... High Unreviewed
CVE-2023-36831 was published Jul 14, 2023
An Improper Check or Handling of Exceptional Conditions vulnerability in the Layer-2 control... Moderate Unreviewed
CVE-2023-36849 was published Jul 14, 2023
An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash,... Unknown Unreviewed
CVE-2023-3774 was published Jul 28, 2023
Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola... High Unreviewed
CVE-2023-23774 was published Aug 29, 2023
An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding... Moderate Unreviewed
CVE-2023-44203 was published Oct 13, 2023
Apollo Router vulnerable to Improper Check or Handling of Exceptional Conditions High
CVE-2023-45812 was published for apollo-router (Rust) Oct 19, 2023
garypen BrynCooke
BryanBarron jasonbarnett667 shorgi
A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct... Moderate Unreviewed
CVE-2023-5090 was published Nov 6, 2023
An improper handling of a malformed API answer packets to API clients in Bosch BT software... Moderate Unreviewed
CVE-2023-35867 was published Dec 22, 2023
An improper handling of a malformed API request to an API server in Bosch BT software products... High Unreviewed
CVE-2023-32230 was published Dec 22, 2023
ProTip! Advisories are also available from the GraphQL API