Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

8 advisories

Loading
Privilege Context Switching Error in Elasticsearch Low
CVE-2020-7020 was published for org.elasticsearch:elasticsearch (Maven) Mar 18, 2021
Privilege Context Switching Error in wildlfy Moderate
CVE-2020-1719 was published for org.wildfly.bom:wildfly (Maven) Jun 8, 2021
xwiki-platform vulnerable to Remote Code Execution in Annotations Critical
CVE-2023-26475 was published for org.xwiki.platform:xwiki-platform-annotation-ui (Maven) Mar 2, 2023
renniepak
Apache Airflow vulnerable to Privilege Context Switching Error Critical
CVE-2023-25754 was published for apache-airflow (pip) May 8, 2023
XWiki Rendering's footnote macro vulnerable to privilege escalation via the footnote macro High
CVE-2023-37912 was published for org.xwiki.platform:xwiki-core-rendering-macro-footnotes (Maven) Oct 25, 2023
Aimeos denial of service vulnerability in SaaS and marketplace setups Moderate
CVE-2024-37294 was published for aimeos/aimeos-core (Composer) May 29, 2024
ssshah2131
ai-admin-graphql has a Denial of service vulnerability in SaaS and marketplace setups Moderate
CVE-2024-47173 was published for aimeos/ai-admin-graphql (Composer) Oct 24, 2024
ssshah2131
HTTP Client uses incorrect token after refresh Moderate
CVE-2024-51987 was published for Duende.AccessTokenManagement.OpenIdConnect (NuGet) Nov 7, 2024
natelaff
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database