Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,383
Erlang
33
GitHub Actions
22
Go
2,141
Maven
5,000+
npm
3,803
NuGet
687
pip
3,479
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+

10 advisories

Loading
A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks... Moderate Unreviewed
CVE-2023-1637 was published Mar 28, 2023
SixLabors.ImageSharp vulnerable to data leakage Moderate
CVE-2024-32036 was published for SixLabors.ImageSharp (NuGet) Apr 15, 2024
antonfirsov
Moodle HTTP authorization header is preserved between "emulated redirects" Moderate
CVE-2024-38275 was published for moodle/moodle (Composer) Jun 18, 2024
Sensitive information in resource not removed before reuse in some Intel(R) TDX Seamldr module... High Unreviewed
CVE-2024-21850 was published Nov 13, 2024
When using Arm Cortex-M Security Extensions (CMSE), Secure stack contents can be leaked to Non... Low Unreviewed
CVE-2024-7883 was published Oct 31, 2024
The AppsAnywhere macOS client-privileged helper can be tricked into executing arbitrary commands... High Unreviewed
CVE-2023-41138 was published Nov 9, 2023
A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB,... Moderate Unreviewed
CVE-2023-3006 was published May 31, 2023
Buffer not correctly recycled in Gzip Request inflation Moderate
CVE-2020-27218 was published for org.eclipse.jetty:jetty-server (Maven) Dec 2, 2020
easbar karussell
Wasmtime may have data leakage between instances in the pooling allocator High
CVE-2022-39393 was published for wasmtime (Rust) Nov 10, 2022
alexcrichton
Duplicate Advisory: `#[zeroize(drop)]` doesn't implement `Drop` for `enum`s High
GHSA-r45x-ghr2-qjxc was published for zeroize_derive (Rust) Jun 17, 2022 withdrawn
KamilaBorowska
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database