Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,688
Erlang
34
GitHub Actions
26
Go
2,274
Maven
5,000+
npm
3,930
NuGet
706
pip
3,696
Pub
12
RubyGems
919
Rust
955
Swift
38
Unreviewed advisories
All unreviewed
5,000+

15 advisories

Loading
React Router allows a DoS via cache poisoning by forcing SPA mode High
CVE-2025-43864 was published for react-router (npm) Apr 24, 2025
cold-try
Malicious Matrix homeserver can leak truncated message content of messages it shouldn't have access to Moderate
CVE-2024-39691 was published for matrix-appservice-irc (npm) Jul 5, 2024
progval
@hono/node-server has Denial of Service risk when receiving Host header that cannot be parsed High
CVE-2024-32652 was published for @hono/node-server (npm) Apr 19, 2024
Unauthenticated Denial of Service in the octokit/webhooks library High
CVE-2023-50728 was published for @octokit/app (npm) Dec 16, 2023
Directus crashes on invalid WebSocket message High
CVE-2023-45820 was published for directus (npm) Oct 19, 2023
nles
Uncaught Exception in engine.io High
CVE-2022-21676 was published for engine.io (npm) Jan 13, 2022
marwej
Denial of Service in axios High
CVE-2019-10742 was published for axios (npm) May 29, 2019
tdunlap607
Denial of Service in soketi High
CVE-2022-21667 was published for @soketi/soketi (npm) Jan 8, 2022
Uncontrolled Resource Consumption in transpile Moderate
CVE-2021-23429 was published for transpile (npm) Sep 2, 2021
Improper Handling of Exceptional Conditions in detect-character-encoding High
CVE-2021-39157 was published for detect-character-encoding (npm) Aug 25, 2021
Denial of Service (DoS) in restify-paginate High
CVE-2020-27543 was published for restify-paginate (npm) Apr 12, 2021
nadesiko3 allows remote attacker to inject invalid value to decodeURIComponent of nako3edit Moderate
CVE-2022-41777 was published for nadesiko3 (npm) Dec 5, 2022
Parse Server crashes with query parameter High
CVE-2021-39187 was published for parse-server (npm) Sep 2, 2021
mstniy
Directus vulnerable to unhandled exception on illegal filename_disk value Moderate
CVE-2022-36031 was published for directus (npm) Aug 30, 2022
wgorecki
Improper exception handling in Aedes High
CVE-2020-13410 was published for aedes (npm) May 6, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database