Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,950
Maven
5,000+
npm
4,596
NuGet
787
pip
4,301
Pub
12
RubyGems
982
Rust
1,121
Swift
49
Unreviewed advisories
All unreviewed
5,000+

9 advisories

Loading
Windows BitLocker Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21210 was published Jan 14, 2025
Hashicorp Vault vulnerable to denial of service through memory exhaustion High
CVE-2024-8185 was published for github.com/hashicorp/vault (Go) Oct 31, 2024
westonsteimel
Credited to westonsteimel
Remote Registry Service Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-43532 was published Oct 8, 2024
HashiCorpVault does not correctly validate OCSP responses Moderate
CVE-2024-2660 was published for github.com/hashicorp/vault (Go) Apr 4, 2024
A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen... High Unreviewed
CVE-2023-4030 was published Aug 17, 2023
Docker Swarm encrypted overlay network may be unauthenticated High
CVE-2023-28840 was published for github.com/docker/docker (Go) Apr 4, 2023
corhere quadespresso
cpuguy83 tianon neersighted laurazard akerouanton
Credited to corhere, quadespresso, cpuguy83, tianon, neersighted, laurazard, and akerouanton
Docker Swarm encrypted overlay network traffic may be unencrypted Moderate
CVE-2023-28841 was published for github.com/docker/docker (Go) Apr 4, 2023
corhere cpuguy83
tianon laurazard akerouanton quadespresso neersighted
Credited to corhere, cpuguy83, tianon, laurazard, akerouanton, quadespresso, and neersighted
Docker Swarm encrypted overlay network with a single endpoint is unauthenticated Moderate
CVE-2023-28842 was published for github.com/docker/docker (Go) Apr 4, 2023
corhere neersighted
cpuguy83 tianon quadespresso laurazard akerouanton
Credited to corhere, neersighted, cpuguy83, tianon, quadespresso, laurazard, and akerouanton
In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions... Moderate Unreviewed
CVE-2023-22943 was published Feb 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database