GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
22 advisories

uv has differential in tar extraction with PAX headers
Low. GHSA-w476-p2h3-79g9 was published for uv (pip) Oct 21, 2025

A flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT <func...
Low (Unreviewed). CVE-2025-11731 was published Oct 14, 2025

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through type confusion.
Low (Unreviewed). CVE-2025-27536 was published Aug 11, 2025

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type...
Low (Unreviewed). CVE-2025-20063 was published Jun 8, 2025

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type...
Low (Unreviewed). CVE-2025-21082 was published Jun 8, 2025

SCSIR has a Potential Unsound Issue in WriteSameCommand
Low. CVE-2025-48756 was published for scsir (Rust) May 24, 2025

Strawberry GraphQL has type resolution vulnerability in node interface that allows potential data leakage through incorrect type resolution
Low. CVE-2025-22151 was published for strawberry-graphql (pip) Jan 9, 2025

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type...
Low (Unreviewed). CVE-2024-36278 was published Jul 2, 2024

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type...
Low (Unreviewed). CVE-2024-31071 was published Jul 2, 2024

Wasmtime vulnerable to panic when using a dropped extenref-typed element segment
Low. CVE-2024-30266 was published for wasmtime (Rust) Apr 2, 2024

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through type...
Low (Unreviewed). CVE-2024-21834 was published Apr 2, 2024

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through type...
Low (Unreviewed). CVE-2023-49602 was published Mar 4, 2024

A flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness...
Low (Unreviewed). CVE-2023-1075 was published Mar 27, 2023

Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017...
Low (Unreviewed). CVE-2021-28643 was published May 24, 2022

Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017...
Low (Unreviewed). CVE-2021-35986 was published May 24, 2022

OCI Manifest Type Confusion Issue
Low. GHSA-qq97-vm5h-rrhg was published for github.com/docker/distribution (Go) Feb 8, 2022

Clarify Content-Type handling
Low. CVE-2021-41190 was published for github.com/opencontainers/distribution-spec (Go) Nov 18, 2021

Ambiguous OCI manifest parsing
Low. GHSA-5j5w-g665-5m35 was published for github.com/containerd/containerd (Go) Nov 18, 2021

Clarify `mediaType` handling
Low. GHSA-77vh-xpmg-72qh was published for github.com/opencontainers/image-spec (Go) Nov 18, 2021

Cross-site Scripting in bootstrap-table
Low. CVE-2021-23472 was published for bootstrap-table (npm) Nov 8, 2021

CHECK-fail in SparseCross due to type confusion
Low. CVE-2021-29519 was published for tensorflow (pip) May 21, 2021

ProTip! Advisories are also available from the GraphQL API.