Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,915
Maven
5,000+
npm
3,646
NuGet
638
pip
3,262
Pub
10
RubyGems
870
Rust
821
Swift
35
Unreviewed advisories
All unreviewed
5,000+

5 advisories

Loading
Undertow vulnerable to Denial of Service (DoS) attacks High
CVE-2021-3859 was published for io.undertow:undertow-core (Maven) Jul 15, 2022
Veracode Scan Jenkins Plugin vulnerable to information disclosure Moderate
CVE-2023-25722 was published for com.veracode.jenkins:veracode-scan (Maven) Mar 28, 2023
CloudLinux CageFS 7.1.1-1 or below passes the authentication token as command line argument. In... High Unreviewed
CVE-2020-36771 was published Jan 22, 2024
Invocation of the sqlplus command with sensitive information in the command line in the mk_oracle... Low Unreviewed
CVE-2024-1742 was published Mar 22, 2024
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed
CVE-2024-28799 was published Aug 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database