GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
77 advisories
Filter by severity
XWiki Platform vulnerable to page render failure due to broken translations
Moderate
CVE-2023-29520
was published
for
org.xwiki.platform:xwiki-platform-localization-source-wiki
(Maven)
Apr 20, 2023
Uncaught Exception in thorsten/phpmyfaq
High
CVE-2023-0790
was published
for
thorsten/phpmyfaq
(Composer)
Feb 12, 2023
mercurius has Uncaught Exception when using subscriptions
Moderate
CVE-2023-22477
was published
for
mercurius
(npm)
Jan 9, 2023
Uncaught exception in engine.io
Moderate
CVE-2022-41940
was published
for
engine.io
(npm)
Nov 21, 2022
fastify/websocket vulnerable to uncaught exception via crash on malformed packet
High
CVE-2022-39386
was published
for
@fastify/websocket
(npm)
Nov 7, 2022
Keylime: unhandled exceptions could lead to invalid attestation states
High
CVE-2022-3500
was published
for
Keylime
(pip)
Oct 28, 2022
A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are...
High
Unreviewed
CVE-2022-20919
was published
Oct 1, 2022
Unexpected server crash in Next.js
Moderate
CVE-2022-36046
was published
for
next
(npm)
Aug 30, 2022
Uncaught Exception (due to a data race) leads to process termination in Waitress
High
CVE-2022-31015
was published
for
waitress
(pip)
Jun 2, 2022
Camaleon CMS vulnerable to Uncaught Exception
Moderate
CVE-2021-25971
was published
for
camaleon_cms
(RubyGems)
May 24, 2022
A vulnerability has been identified in SIMATIC ET 200SP Open Controller (incl. SIPLUS variants) ...
High
Unreviewed
CVE-2020-15796
was published
May 24, 2022
It was found in AMQ Online before 1.5.2 that injecting an invalid field to a user's AddressSpace...
Moderate
Unreviewed
CVE-2020-14348
was published
May 24, 2022
Undertow Uncaught Exception vulnerability
Moderate
CVE-2016-7046
was published
for
io.undertow:undertow-core
(Maven)
May 17, 2022
Crash when decoding malformed HTTP requests or malformed JSON payload
High
CVE-2018-1330
was published
for
org.apache.mesos:mesos
(Maven)
May 14, 2022
A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP...
High
Unreviewed
CVE-2019-6575
was published
May 13, 2022
Denial-of-Service when binding invalid parameters in sqlite3
High
CVE-2022-21227
was published
for
sqlite3
(npm)
Apr 28, 2022
Denial of Service vulnerability in @podium/layout and @podium/proxy
High
CVE-2022-24822
was published
for
@podium/layout
(npm)
Apr 7, 2022
Uncaught Exception in zip4j
Moderate
CVE-2022-24615
was published
for
net.lingala.zip4j:zip4j
(Maven)
Feb 25, 2022
DOS and Open Redirect with user input
High
CVE-2021-22964
was published
for
fastify-static
(npm)
Oct 12, 2021
Denial of Service in node-static
Moderate
GHSA-8r4g-cg4m-x23c
was published
for
node-static
(npm)
Sep 22, 2021
Uncaught Exception in libpulse-binding
Moderate
GHSA-wcxc-jf6c-8rx9
was published
for
libpulse-binding
(Rust)
Aug 25, 2021
Uncaught Exception in jsoup
High
CVE-2021-37714
was published
for
org.jsoup:jsoup
(Maven)
Aug 23, 2021
Uncaught Exception leading to Denial of Service in json-sanitizer
High
CVE-2021-23900
was published
for
com.mikesamuel:json-sanitizer
(Maven)
May 13, 2021
ProTip!
Advisories are also available from the
GraphQL API