Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

25 advisories

Loading
Butterfly's parseJSON, getJSON functions eval malicious input, leading to remote code execution (RCE) Moderate
GHSA-mpcw-3j5p-p99x was published for org.openrefine.dependencies:butterfly (Maven) Oct 24, 2024
The WP Hardening – Fix Your WordPress Security plugin for WordPress is vulnerable to Security... Moderate Unreviewed
CVE-2024-6641 was published Sep 18, 2024
An Incorrect Regular Expression vulnerability in Bitdefender GravityZone Update Server allows an... High Unreviewed
CVE-2024-2223 was published Apr 9, 2024
A user authorized to perform database queries may trigger denial of service by issuing specially... Moderate Unreviewed
CVE-2020-7929 was published May 24, 2022
Incorrect default pattern in Jenkins Audit Trail Plugin Moderate
CVE-2020-2288 was published for org.jenkins-ci.plugins:audit-trail (Maven) May 24, 2022
NotMyFault
A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could... High Unreviewed
CVE-2020-3408 was published May 24, 2022
A flaw was found in openshift-ansible. OpenShift Container Platform (OCP) 3.11 is too permissive... Moderate Unreviewed
CVE-2020-1741 was published May 24, 2022
Istio ReDoS Vulnerability High
CVE-2019-14993 was published for istio.io/istio (Go) May 24, 2022
An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular... Critical Unreviewed
CVE-2019-12798 was published May 24, 2022
An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST... Moderate Unreviewed
CVE-2019-11388 was published May 24, 2022
An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST... Moderate Unreviewed
CVE-2019-11389 was published May 24, 2022
An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST... Moderate Unreviewed
CVE-2019-11391 was published May 24, 2022
An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST... Moderate Unreviewed
CVE-2019-11390 was published May 24, 2022
An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST... Moderate Unreviewed
CVE-2019-11387 was published May 24, 2022
Apache Libcloud vulnerable to certificate impersonation Moderate
CVE-2012-3446 was published for apache-libcloud (pip) May 17, 2022
An unanchored /[a-z]{2}/ regular expression in ISPConfig before 3.1.13 makes it possible to... High Unreviewed
CVE-2018-17984 was published May 14, 2022
Incorrect Regular Expression in RestSharp High
CVE-2021-27293 was published for RestSharp (NuGet) Jul 14, 2021
Regular Expression Denial of Service in papaparse High
GHSA-qvjc-g5vr-mfgr was published for papaparse (npm) Sep 4, 2020
tdunlap607
Regular Expression Denial of Service in braces Low
GHSA-g95f-p29q-9xw4 was published for braces (npm) Jun 6, 2019
uap-core Regular Expression Denial of Service issue Moderate
CVE-2018-20164 was published for uap-core (npm) Mar 6, 2019
Django denial-of-service possibility in urlize and urlizetrunc template filters Moderate
CVE-2018-7536 was published for Django (pip) Jan 4, 2019
tdunlap607
Django Denial-of-service possibility in truncatechars_html and truncatewords_html template filters Moderate
CVE-2018-7537 was published for django (pip) Jan 4, 2019
sunSUNQ
js-bson vulnerable to REDoS High
CVE-2018-13863 was published for bson (npm) Sep 17, 2018
Mosca REDoS Vulnerability High
CVE-2018-11615 was published for mosca (npm) Aug 31, 2018
Regular Expression Denial of Service in sshpk High
CVE-2018-3737 was published for sshpk (npm) Aug 15, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database