Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
50
Go
3,615
Maven
5,000+
npm
5,000+
NuGet
925
pip
4,835
Pub
13
RubyGems
1,045
Rust
1,256
Swift
53
Unreviewed advisories
All unreviewed
5,000+

51 advisories

Loading
Improper Digest Verification in httpsig-hyper May Allow Message Integrity Bypass High
CVE-2026-26275 was published for httpsig-hyper (Rust) Feb 17, 2026
divi255 Credited to divi255
Bug fixes in hpke-rs, hpke-rs-rust-crypto High
GHSA-g433-pq76-6cmf was published for hpke-rs (Rust) Feb 13, 2026
A vulnerability in the RADIUS setting Reject RADIUS requests from clients with repeated failures... High Unreviewed
CVE-2025-20343 was published Nov 5, 2025
MantisBT vulnerable to authentication bypass for some passwords due to PHP type juggling High
CVE-2025-47776 was published for mantisbt/mantisbt (Composer) Nov 3, 2025
dregad Credited to dregad and piru piru piru
The SureTriggers: All-in-One Automation Platform plugin for WordPress is vulnerable to an... High Unreviewed
CVE-2025-3102 was published Apr 10, 2025
TCPDF has incorrect comparison High
CVE-2024-56522 was published for tecnickcom/tcpdf (Composer) Dec 27, 2024
IBM MQ Operator 3.2.2 and IBM MQ Operator 2.0.24 could allow a user to bypass authentication... High Unreviewed
CVE-2024-39742 was published Jul 8, 2024
The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6... High Unreviewed
CVE-2024-4032 was published Jun 17, 2024
SCG Policy Manager, all versions, contains an overly permissive Cross-Origin Resource Policy ... High Unreviewed
CVE-2024-37131 was published Jun 13, 2024
An Incorrect Regular Expression vulnerability in Bitdefender GravityZone Update Server allows an... High Unreviewed
CVE-2024-2223 was published Apr 9, 2024
gifsicle-1.94 was found to have a floating point exception (FPE) vulnerability via resize_stream... High Unreviewed
CVE-2023-46009 was published Oct 18, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This... High Unreviewed
CVE-2023-23845 was published Sep 14, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This... High Unreviewed
CVE-2023-23840 was published Sep 14, 2023
In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator... High Unreviewed
CVE-2023-40271 was published Sep 8, 2023
Non-constant time nonce comparison in Jenkins Microsoft Entra ID (previously Azure AD) Plugin High
CVE-2023-41935 was published for org.jenkins-ci.plugins:azure-ad (Maven) Sep 6, 2023
Jenkins Google Login Plugin non-constant time token comparison High
CVE-2023-41936 was published for org.jenkins-ci.plugins:google-login (Maven) Sep 6, 2023
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed... High Unreviewed
CVE-2023-23764 was published Jul 27, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This... High Unreviewed
CVE-2023-23844 was published Jul 26, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This... High Unreviewed
CVE-2023-23843 was published Jul 26, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This... High Unreviewed
CVE-2023-33225 was published Jul 26, 2023
Experion server may experience a DoS due to a stack overflow when handling a specially crafted... High Unreviewed
CVE-2023-22435 was published Jul 13, 2023
This vulnerability allows network-adjacent attackers to bypass authentication on affected... High Unreviewed
CVE-2022-27645 was published Mar 29, 2023
This vulnerability allows network-adjacent attackers to bypass authentication on affected... High Unreviewed
CVE-2022-43621 was published Mar 29, 2023
TensorFlow has Floating Point Exception in AudioSpectrogram High
CVE-2023-25666 was published for tensorflow (pip) Mar 24, 2023
TensorFlow has Floating Point Exception in AvgPoolGrad with XLA High
CVE-2023-25669 was published for tensorflow (pip) Mar 24, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database