GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,249
Erlang
31
GitHub Actions
21
Go
2,018
Maven
5,000+
npm
3,723
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
15 advisories
Filter by severity
Jenkins item creation restriction bypass vulnerability
Moderate
CVE-2024-47804
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Oct 2, 2024
Wrong type for `Linker`-define functions when used across two `Engine`s
Moderate
CVE-2021-39219
was published
for
wasmtime
(pip)
Sep 20, 2021
`CHECK`-failures in binary ops in Tensorflow
Moderate
CVE-2022-23583
was published
for
tensorflow
(pip)
Feb 10, 2022
Cross-site Scripting in edge.js
Moderate
CVE-2021-23443
was published
for
edge.js
(npm)
Sep 22, 2021
Prototype Pollution in object-path
Moderate
CVE-2021-23434
was published
for
object-path
(npm)
Sep 1, 2021
Prototype Pollution in node-jsonpointer
Moderate
CVE-2021-23807
was published
for
jsonpointer
(npm)
Nov 8, 2021
Prototype Pollution in json-ptr
Moderate
CVE-2021-23509
was published
for
json-ptr
(npm)
Nov 8, 2021
Passing in a non-string 'html' argument can lead to unsanitized output
Moderate
CVE-2021-32696
was published
for
striptags
(npm)
Jun 18, 2021
Type confusion leading to `CHECK`-failure based denial of service in TensorFlow
Moderate
CVE-2022-29209
was published
for
tensorflow
(pip)
May 24, 2022
Prototype Pollution in json-pointer
Moderate
CVE-2021-23820
was published
for
json-pointer
(npm)
Nov 8, 2021
Privilege escalation in mysql-connector-jav
Moderate
CVE-2019-2692
was published
for
mysql:mysql-connector-java
(Maven)
Jul 1, 2020
ProTip!
Advisories are also available from the
GraphQL API