Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

9,042 advisories

Loading
Moodle Cross-site Scripting (XSS) Moderate
CVE-2024-34000 was published for moodle/moodle (Composer) May 31, 2024
Missing ratelimit on passwrod resets in zenml Moderate
CVE-2024-4311 was published for zenml (pip) Nov 14, 2024
Apache StreamPark: Information leakage vulnerability Moderate
CVE-2024-29120 was published for org.apache.streampark:streampark (Maven) Jul 17, 2024
Infinite loop in github.com/gomarkdown/markdown Moderate
CVE-2024-44337 was published for github.com/gomarkdown/markdown (Go) Oct 15, 2024
ReDoS in giskard's transformation.py (GHSL-2024-324) Moderate
CVE-2024-52524 was published for giskard (pip) Nov 14, 2024
kevinbackhouse
Jenkins Delphix Plugin has SSL/TLS certificate validation disabled by default Moderate
CVE-2024-28161 was published for org.jenkins-ci.plugins:delphix (Maven) Mar 6, 2024
zlib-rs stack overflow during decompression with malicious input Moderate
GHSA-j3px-q95c-9683 was published for libz-rs-sys (Rust) Nov 14, 2024
inahga
Salt preflight script could be attacker controlled Moderate
CVE-2023-34049 was published for salt (pip) Nov 14, 2024
Harbor fails to validate the user permissions when updating a robot account Moderate
CVE-2022-31667 was published for github.com/goharbor/harbor (Go) Sep 16, 2022
andrewpollock
Harbor fails to validate the user permissions when updating tag immutability policies Moderate
CVE-2022-31669 was published for github.com/goharbor/harbor (Go) Sep 16, 2022
michaelkedar
Harbor fails to validate the user permissions when reading job execution logs through the P2P preheat execution logs Moderate
CVE-2022-31671 was published for github.com/goharbor/harbor (Go) Sep 9, 2022
Missing permission check in Jenkins Script Security Plugin Moderate
CVE-2024-52549 was published for org.jenkins-ci.plugins:script-security (Maven) Nov 13, 2024
insane vulnerable to Regular Expression Denial of Service Moderate
CVE-2020-26303 was published for insane (npm) Oct 26, 2024
Foundation Regular Expression Denial of Service vulnerability Moderate
CVE-2020-26304 was published for foundation-sites (npm) Oct 26, 2024
CommonRegexJS Regular Expression Denial of Service vulnerability Moderate
CVE-2020-26305 was published for commonregex (npm) Oct 26, 2024
OpenC3 stores passwords in clear text (`GHSL-2024-129`) Moderate
CVE-2024-47529 was published for @openc3/tool-common (RubyGems) Oct 2, 2024
p-
Ciphertext Malleability Issue in Tink Java Moderate
CVE-2020-8929 was published for com.google.crypto.tink:tink (Maven) Oct 16, 2020
reteptilian
SQL injection in Tortoise ORM Moderate
CVE-2020-11010 was published for tortoise-orm (pip) Apr 20, 2020
Memory leak in Tensorflow Moderate
CVE-2022-23578 was published for tensorflow (pip) Feb 10, 2022
Null pointer dereference in TensorFlow Moderate
CVE-2022-23595 was published for tensorflow (pip) Feb 9, 2022
Memory exhaustion in Tensorflow Moderate
CVE-2022-21733 was published for tensorflow (pip) Feb 10, 2022
Memory exhaustion in Tensorflow Moderate
CVE-2022-21732 was published for tensorflow (pip) Feb 10, 2022
Division by zero in Tensorflow Moderate
CVE-2022-21725 was published for tensorflow (pip) Feb 10, 2022
Code injection in `saved_model_cli` Moderate
CVE-2021-41228 was published for tensorflow (pip) Nov 10, 2021
Arbitrary memory read in `ImmutableConst` Moderate
CVE-2021-41227 was published for tensorflow (pip) Nov 10, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database