Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,479
Maven
5,000+
npm
5,000+
NuGet
886
pip
4,740
Pub
13
RubyGems
1,031
Rust
1,225
Swift
53
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
OpenClaw: Security Scan Failure Does Not Block Plugin Installation (Fail-Open) Low
GHSA-cwq8-6f96-g3q4 was published for openclaw (npm) Apr 2, 2026
davidluzsilva Credited to davidluzsilva
@grackle-ai/server JSON.parse lacks try-catch logic in its gRPC Service AdapterConfig Handling Low
GHSA-8g29-8xwr-qmhr was published for @grackle-ai/server (npm) Mar 25, 2026
ingress-nginx has Improper Check for Unusual or Exceptional Conditions Low
CVE-2026-24513 was published for k8s.io/ingress-nginx (Go) Feb 4, 2026
Drupal core allows Forceful Browsing Low
CVE-2025-13080 was published for drupal/core (Composer) Nov 18, 2025
Mattermost has Improper Check for Unusual or Exceptional Conditions Low
CVE-2025-22445 was published for github.com/mattermost/mattermost/server/v8 (Go) Jan 9, 2025
Moodle has insufficient capability checks Low
CVE-2024-43435 was published for moodle/moodle (Composer) Nov 11, 2024
XMP Toolkit's `XmpFile::close` can trigger undefined behavior Low
GHSA-66fw-43h8-f8p3 was published for xmp_toolkit (Rust) Jul 26, 2024
CHECK-fail in `QuantizeAndDequantizeV4Grad` Low
CVE-2021-29544 was published for tensorflow (pip) May 21, 2021
CHECK-fail in SparseConcat Low
CVE-2021-29534 was published for tensorflow (pip) May 21, 2021
CHECK-fail in DrawBoundingBoxes Low
CVE-2021-29533 was published for tensorflow (pip) May 21, 2021
CHECK-fail in tf.raw_ops.EncodePng Low
CVE-2021-29531 was published for tensorflow (pip) May 21, 2021
Unauthorized client-side property update in UIDL request handler in Vaadin 10 and 11 Low
CVE-2018-25007 was published for com.vaadin:flow-server (Maven) Apr 19, 2021
Unauthorized client-side property update in UIDL request handler in Vaadin 10 and 11 Low
GHSA-3h5r-928v-mxhh was published for com.vaadin:vaadin-bom (Maven) Apr 19, 2021
Segmentation faultin TensorFlow when converting a Python string to `tf.float16` Low
CVE-2020-5215 was published for tensorflow (pip) Jan 28, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database