GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,358
Composer 3,967
Erlang 29
GitHub Actions 16
Go 1,748
Maven 4,978
npm 3,509
NuGet 609
pip 3,075
Pub 10
RubyGems 832
Rust 781
Swift 34

Unreviewed advisories

All unreviewed 221,262

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

34 advisories

Filter by severity

Sort by

Least recently updated

mysql2 cache poisoning vulnerability Moderate

CVE-2024-21507 was published for mysql2 (npm) Apr 10, 2024

Cache Poisoning Vulnerability Moderate

CVE-2024-29042 was published for translate (npm) Mar 22, 2024

Follow Redirects improperly handles URLs in the url.parse() function Moderate

CVE-2023-26159 was published for follow-redirects (npm) Jan 2, 2024

Cube API denial of service attack Moderate

CVE-2023-50709 was published for @cubejs-backend/api-gateway (npm) Dec 13, 2023

@adobe/css-tools Improper Input Validation and Inefficient Regular Expression Complexity Moderate

CVE-2023-48631 was published for @adobe/css-tools (npm) Nov 30, 2023

JWT Algorithm Confusion Moderate

CVE-2023-48223 was published for fast-jwt (npm) Nov 20, 2023

Improper Input Validation in vriteio/vrite Moderate

CVE-2023-5571 was published for @vrite/sdk (npm) Oct 13, 2023

Improper Input Validation in nocodb Moderate

CVE-2023-5104 was published for nocodb (npm) Sep 21, 2023

@adobe/css-tools Regular Expression Denial of Service (ReDOS) while Parsing CSS Moderate

CVE-2023-26364 was published for @adobe/css-tools (npm) Aug 29, 2023

matrix-appservice-irc IRC command injection via admin commands containing newlines Moderate

CVE-2023-38690 was published for matrix-appservice-irc (npm) Aug 4, 2023

Invalid push request payload crashes Parse Server Moderate

CVE-2023-32688 was published for parse-server-push-adapter (npm) May 22, 2023

Improper beacon events in matrix-js-sdk can result in availability issues Moderate

CVE-2022-39236 was published for matrix-js-sdk (npm) Sep 29, 2022

AutoUpdater module fails to validate certain nested components of the bundle Moderate

CVE-2022-29257 was published for electron (npm) Jun 16, 2022

Improper Input Validation in strapi Moderate

CVE-2020-13961 was published for strapi (npm) May 24, 2022

Auth0 angular-jwt misinterprets allowlist as regex Moderate

CVE-2018-11537 was published for angular-jwt (npm) May 14, 2022

Spoofing attack in swagger-ui Moderate

CVE-2018-25031 was published for swagger-ui (npm) Mar 12, 2022

Improper Input Validation in url-js Moderate

CVE-2022-25839 was published for url-js (npm) Mar 12, 2022

Leading white space bypasses protocol validation Moderate

CVE-2022-24723 was published for urijs (npm) Mar 3, 2022

Denial of Service Vulnerability in next.js Moderate

CVE-2022-21721 was published for next (npm) Jan 28, 2022

Improper Validation and Sanitization in url-parse Moderate

CVE-2020-8124 was published for url-parse (npm) Jan 6, 2022

Improperly Controlled Modification of Dynamically-Determined Object Attributes in vega-util Moderate

CVE-2019-10806 was published for vega-util (npm) May 7, 2021

Improper Input Validation in Google Closure Library Moderate

CVE-2020-8910 was published for google-closure-library (npm) May 7, 2021

Improper Input Validation in sanitize-html Moderate

CVE-2021-26540 was published for sanitize-html (npm) May 6, 2021

Improper Input Validation in sanitize-html Moderate

CVE-2021-26539 was published for sanitize-html (npm) May 6, 2021

Improper Input Validation in SocksJS-Node Moderate

CVE-2020-7693 was published for sockjs (npm) Apr 13, 2021

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

34 advisories