Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

15 advisories

Loading
A CWE-15 "External Control of System or Configuration Setting" was discovered affecting the... High Unreviewed
CVE-2024-50358 was published Nov 26, 2024
Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database... High Unreviewed
CVE-2024-10979 was published Nov 14, 2024
Flowise OverrideConfig security vulnerability High
GHSA-5cph-wvm9-45gj was published for flowise (npm) Nov 21, 2024
ryanhalliday
github.com/gitpod-io/gitpod vulnerable to Cookie Tossing Moderate
CVE-2024-21583 was published for github.com/gitpod-io/gitpod (Go) Jul 19, 2024
mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed,... Moderate Unreviewed
CVE-2023-43323 was published Sep 28, 2023
Unauthorized startup vulnerability of background apps. Successful exploitation of this... Moderate Unreviewed
CVE-2023-46764 was published Nov 8, 2023
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process... High Unreviewed
CVE-2024-1488 was published Feb 15, 2024
A vulnerability in parisneo/lollms-webui versions up to 9.3 allows remote attackers to execute... Critical Unreviewed
CVE-2024-4326 was published May 16, 2024
A vulnerability exists by allowing low-privileged users to read and update the data in various... High Unreviewed
CVE-2023-3321 was published Jul 24, 2023
Versions 00.07.00 through 00.07.03.4 of Teltonika’s RUT router firmware contain a packet dump... High Unreviewed
CVE-2023-32349 was published Jul 6, 2023
A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender... High Unreviewed
CVE-2023-6154 was published Apr 1, 2024
Micronaut management endpoints vulnerable to drive-by localhost attack Moderate
CVE-2024-23639 was published for io.micronaut:micronaut-http-server (Maven) Feb 9, 2024
in-toto vulnerable to Configuration Read From Local Directory Moderate
CVE-2023-32076 was published for in-toto (pip) May 11, 2023
External Control of System or Configuration Setting in GitHub repository instantsoft/icms2 prior... High Unreviewed
CVE-2023-4704 was published Sep 1, 2023
Some API functions allow interaction with the registry, which includes reading values as well as... Critical Unreviewed
CVE-2021-38453 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database