Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
22
Go
2,166
Maven
5,000+
npm
3,829
NuGet
696
pip
3,507
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

105 advisories

Loading
Denial of Service via incomplete cleanup vulnerability in Apache Tomcat Moderate
CVE-2024-23672 was published for org.apache.tomcat.embed:tomcat-embed-websocket (Maven) Mar 13, 2024
westonsteimel
An unauthenticated remote attacker can gain service level privileges through an incomplete... Moderate Unreviewed
CVE-2024-26005 was published Mar 12, 2024
A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865,... Low Unreviewed
CVE-2024-1048 was published Feb 6, 2024
An Incomplete Cleanup vulnerability in Nonstop active routing (NSR) component of Juniper... Moderate Unreviewed
CVE-2024-21617 was published Jan 12, 2024
Apache Struts Improper Control of Dynamically-Managed Code Resources vulnerability High
CVE-2023-41835 was published for org.apache.struts:struts2-core (Maven) Dec 5, 2023
Incomplete cleanup for some Intel Unison software may allow an authenticated user to potentially... Low Unreviewed
CVE-2022-43477 was published Nov 14, 2023
Incomplete cleanup for some Intel Unison software may allow a privileged user to potentially... Low Unreviewed
CVE-2022-46298 was published Nov 14, 2023
Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged... Moderate Unreviewed
CVE-2021-46766 was published Nov 14, 2023
Apache Tomcat Incomplete Cleanup vulnerability Moderate
CVE-2023-42795 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 10, 2023
biehl1 mpihelgas
Apache Tomcat Incomplete Cleanup vulnerability Moderate
CVE-2023-42794 was published for org.apache.tomcat:tomcat-coyote (Maven) Oct 10, 2023
A double-free flaw was found in the Linux kernel’s NTFS3 subsystem in how a user triggers remount... High Unreviewed
CVE-2022-3238 was published Jul 6, 2023
Upgrading doesn't prevent exploiting vulnerable XWiki documents Critical
CVE-2023-36468 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Jun 30, 2023
Improper deletion of resource in the user management feature in Devolutions Server 2023.1.8 and... Low Unreviewed
CVE-2023-2400 was published Jun 20, 2023
Incomplete cleanup in the Intel(R) IPP Cryptography software before version 2021.6 may allow a... Moderate Unreviewed
CVE-2022-40974 was published May 10, 2023
Spring Security logout not clearing security context Moderate
CVE-2023-20862 was published for org.springframework.security:spring-security-core (Maven) Apr 19, 2023
joshbressers
An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4... High Unreviewed
CVE-2023-0836 was published Mar 29, 2023
redis-py Race Condition due to incomplete fix High
CVE-2023-28859 was published for redis (pip) Mar 26, 2023
artoj-iceye sreecharanguduri
Local privilege escalation due to incomplete uninstallation cleanup. The following products are... High Unreviewed
CVE-2022-45455 was published Feb 13, 2023
An Incomplete Cleanup vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks... Moderate Unreviewed
CVE-2023-22407 was published Jan 13, 2023
Apache ShardingSphere-Proxy Incomplete Cleanup vulnerability Critical
CVE-2022-45347 was published for org.apache.shardingsphere:shardingsphere-proxy (Maven) Dec 22, 2022
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.6... Low Unreviewed
CVE-2022-28764 was published Nov 15, 2022
Incomplete cleanup in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146... High Unreviewed
CVE-2022-27639 was published Nov 11, 2022
Xenstore: Guests can get access to Xenstore nodes of deleted domains Access rights of Xenstore... High Unreviewed
CVE-2022-42320 was published Nov 1, 2022
Xenstore: Guests can create orphaned Xenstore nodes By creating multiple nodes inside a... Moderate Unreviewed
CVE-2022-42310 was published Nov 1, 2022
A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a... Moderate Unreviewed
CVE-2022-0171 was published Aug 27, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database