Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,481
NuGet
605
pip
3,049
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+

10 advisories

A firmware bug which may lead to misinterpretation of data in the AMC2-4WCF and AMC2-2WCF... Moderate Unreviewed
CVE-2023-32228 was published Apr 11, 2024
Misinterpretation of Input vulnerability in OpenText™ Service Management Automation X (SMAX),... Moderate Unreviewed
CVE-2023-32260 was published Mar 19, 2024
Misinterpretation of Input in thorsten/phpmyfaq Moderate
CVE-2023-0880 was published for thorsten/phpmyfaq (Composer) Feb 17, 2023
parse-url parses http URLs incorrectly, making it vulnerable to host name spoofing Moderate
CVE-2022-3224 was published for parse-url (npm) Sep 16, 2022
The encoding/xml package in Go (all versions) does not correctly preserve the semantics of... Critical Unreviewed
CVE-2020-29511 was published May 24, 2022
URL Confusion When Scheme Not Supplied in medialize/uri.js Moderate
CVE-2022-1233 was published for urijs (npm) Apr 5, 2022
Authentication Bypass in github.com/russellhaering/gosaml2 Critical
CVE-2020-29509 was published for github.com/russellhaering/gosaml2 (Go) Feb 11, 2022
jupenur
XML Processing error in github.com/crewjam/saml Critical
CVE-2020-27846 was published for github.com/crewjam/saml (Go) Jun 23, 2021
REXML round-trip instability High
CVE-2021-28965 was published for rexml (RubyGems) Apr 30, 2021
Misinterpretation of malicious XML input Moderate
CVE-2021-21366 was published for xmldom (npm) Mar 12, 2021
jupenur karfau
brodybits
ProTip! Advisories are also available from the GraphQL API