GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
25 advisories
Filter by severity
Regular Expression Denial of Service in braces
Low
GHSA-g95f-p29q-9xw4
was published
for
braces
(npm)
Jun 6, 2019
uap-core Regular Expression Denial of Service issue
Moderate
CVE-2018-20164
was published
for
uap-core
(npm)
Mar 6, 2019
An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST...
Moderate
Unreviewed
CVE-2019-11388
was published
May 24, 2022
An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST...
Moderate
Unreviewed
CVE-2019-11391
was published
May 24, 2022
An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST...
Moderate
Unreviewed
CVE-2019-11387
was published
May 24, 2022
An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST...
Moderate
Unreviewed
CVE-2019-11389
was published
May 24, 2022
An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST...
Moderate
Unreviewed
CVE-2019-11390
was published
May 24, 2022
Regular Expression Denial of Service in sshpk
High
CVE-2018-3737
was published
for
sshpk
(npm)
Aug 15, 2018
Incorrect Regular Expression in RestSharp
High
CVE-2021-27293
was published
for
RestSharp
(NuGet)
Jul 14, 2021
An unanchored /[a-z]{2}/ regular expression in ISPConfig before 3.1.13 makes it possible to...
High
Unreviewed
CVE-2018-17984
was published
May 14, 2022
A flaw was found in openshift-ansible. OpenShift Container Platform (OCP) 3.11 is too permissive...
Moderate
Unreviewed
CVE-2020-1741
was published
May 24, 2022
A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could...
High
Unreviewed
CVE-2020-3408
was published
May 24, 2022
Regular Expression Denial of Service in papaparse
High
GHSA-qvjc-g5vr-mfgr
was published
for
papaparse
(npm)
Sep 4, 2020
Incorrect default pattern in Jenkins Audit Trail Plugin
Moderate
CVE-2020-2288
was published
for
org.jenkins-ci.plugins:audit-trail
(Maven)
May 24, 2022
A user authorized to perform database queries may trigger denial of service by issuing specially...
Moderate
Unreviewed
CVE-2020-7929
was published
May 24, 2022
An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular...
Critical
Unreviewed
CVE-2019-12798
was published
May 24, 2022
An Incorrect Regular Expression vulnerability in Bitdefender GravityZone Update Server allows an...
High
Unreviewed
CVE-2024-2223
was published
Apr 9, 2024
Apache Libcloud vulnerable to certificate impersonation
Moderate
CVE-2012-3446
was published
for
apache-libcloud
(pip)
May 17, 2022
Django denial-of-service possibility in urlize and urlizetrunc template filters
Moderate
CVE-2018-7536
was published
for
Django
(pip)
Jan 4, 2019
The WP Hardening – Fix Your WordPress Security plugin for WordPress is vulnerable to Security...
Moderate
Unreviewed
CVE-2024-6641
was published
Sep 18, 2024
Butterfly's parseJSON, getJSON functions eval malicious input, leading to remote code execution (RCE)
Moderate
GHSA-mpcw-3j5p-p99x
was published
for
org.openrefine.dependencies:butterfly
(Maven)
Oct 24, 2024
Django Denial-of-service possibility in truncatechars_html and truncatewords_html template filters
Low
CVE-2018-7537
was published
for
django
(pip)
Jan 4, 2019
ProTip!
Advisories are also available from the
GraphQL API