Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,489
Maven
5,000+
npm
5,000+
NuGet
892
pip
4,745
Pub
13
RubyGems
1,033
Rust
1,228
Swift
53
Unreviewed advisories
All unreviewed
5,000+

179 advisories

Loading
fastify/websocket vulnerable to uncaught exception via crash on malformed packet High
CVE-2022-39386 was published for @fastify/websocket (npm) Nov 7, 2022
marcolanaro Credited to marcolanaro, ramonsnir, and tdunlap607 ramonsnir ramonsnir
tdunlap607 tdunlap607
Uncaught exception in engine.io Moderate
CVE-2022-41940 was published for engine.io (npm) Nov 21, 2022
G-Rath Credited to G-Rath
In F?Secure Endpoint Protection for Windows and macOS before channel with Capricorn database 2022... High Unreviewed
CVE-2022-38166 was published Nov 25, 2022
mercurius has Uncaught Exception when using subscriptions Moderate
CVE-2023-22477 was published for mercurius (npm) Jan 9, 2023
marcolanaro Credited to marcolanaro
NLnet Labs Krill supports direct access to the RRDP repository content through its built-in web... High Unreviewed
CVE-2023-0158 was published Jan 17, 2023
Uncaught Exception in thorsten/phpmyfaq High
CVE-2023-0790 was published for thorsten/phpmyfaq (Composer) Feb 12, 2023
In thermal, there is a possible memory corruption due to an uncaught exception. This could lead... Moderate Unreviewed
CVE-2023-20628 was published Mar 7, 2023
In PreferencesHelper.java, an uncaught exception may cause the device to get stuck in a boot loop... Moderate Unreviewed
CVE-2023-21087 was published Apr 19, 2023
XWiki Platform vulnerable to page render failure due to broken translations Moderate
CVE-2023-29520 was published for org.xwiki.platform:xwiki-platform-localization-source-wiki (Maven) Apr 20, 2023
Uncaught Exception in yaml High
CVE-2023-2251 was published for yaml (npm) Apr 24, 2023
chadlwilson Credited to chadlwilson, pmartinat, and mrgrain pmartinat pmartinat
mrgrain mrgrain
engine.io Uncaught Exception vulnerability Moderate
CVE-2023-31125 was published for engine.io (npm) May 3, 2023
Unchecked parameter value in M-Files Server in versions before 23.6.12695.3 (excluding 23.2 SR2... High Unreviewed
CVE-2023-3405 was published Jun 27, 2023
Vulnerability of failures to capture exceptions in the communication framework. Successful... High Unreviewed
CVE-2023-1691 was published Jul 6, 2023
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ... High Unreviewed
CVE-2023-22941 was published Jul 6, 2023
DoS vulnerability for apps with sockets enabled High
CVE-2023-38504 was published for sails (npm) Jul 27, 2023
ThomasRinsma Credited to ThomasRinsma, DominusKelvin, and eashaw DominusKelvin DominusKelvin
eashaw eashaw
json2xml Uncaught Exception vulnerability High
CVE-2022-25024 was published for json2xml (pip) Aug 23, 2023
Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola... High Unreviewed
CVE-2023-23774 was published Aug 29, 2023
Denial of Service Vulnerability in gRPC TCP Server (Posix-compatible platforms) High
CVE-2023-4785 was published for grpc (RubyGems) Sep 13, 2023
hahwul Credited to hahwul
NVIDIA Cumulus Linux contains a vulnerability in neighmgrd and nlmanager where an attacker on an... Moderate Unreviewed
CVE-2023-25526 was published Sep 20, 2023
phonenumber panics on parsing crafted RFC3966 inputs High
CVE-2023-42444 was published for phonenumber (Rust) Sep 21, 2023
sno2 Credited to sno2 and gferon gferon gferon
stellar-strkey vulnerable to panic in SignedPayload::from_payload Moderate
CVE-2023-46135 was published for stellar-strkey (Rust) Oct 25, 2023
yeggor Credited to yeggor
quic-go vulnerable to pointer dereference that can lead to panic High
CVE-2023-46239 was published for github.com/quic-go/quic-go (Go) Oct 30, 2023
A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and... High Unreviewed
CVE-2023-20086 was published Nov 1, 2023
Vulnerability of uncaught exceptions in the NFC module. Successful exploitation of this... High Unreviewed
CVE-2023-46765 was published Nov 8, 2023
Uncaught exception for some Intel Unison software may allow an authenticated user to potentially... Moderate Unreviewed
CVE-2023-22290 was published Nov 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database