Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,750
Maven
5,000+
npm
4,353
NuGet
765
pip
4,114
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

22 advisories

Filter by severity
All severities
Low
Moderate
High
Critical
Loading
Envoy's TLS certificate matcher for `match_typed_subject_alt_names` may incorrectly treat certificates containing an embedded null byte Moderate
CVE-2025-66220 was published for github.com/envoyproxy/envoy (Go) Dec 5, 2025
botengyaophlax
ggreenwayyanavlasovagrawroh
Credited to botengyao, phlax, ggreenway, yanavlasov, and agrawroh
python-ldap is Vulnerable to Improper Encoding or Escaping of Output and Improper Null Termination Moderate
CVE-2025-61912 was published for python-ldap (pip) Oct 10, 2025
aradona91
Credited to aradona91
Improper Null Termination vulnerability in Open Networking Foundation (ONF) libfluid ... Moderate Unreviewed
CVE-2024-31197 was published Sep 18, 2024
Microsoft SQL Server Information Disclosure Vulnerability High Unreviewed
CVE-2024-43474 was published Sep 10, 2024
A missing null-termination character in the last element of an nvlist array string can lead to... High Unreviewed
CVE-2024-45288 was published Sep 5, 2024
A vulnerability has been identified in CPC80 Central Processing/Communication (All versions < V16... High Unreviewed
CVE-2024-31484 was published May 14, 2024
Windows USB Print Driver Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-21442 was published Mar 12, 2024
Dell Platform BIOS contains an Improper Null Termination vulnerability. A high privilege user... Moderate Unreviewed
CVE-2023-48674 was published Mar 1, 2024
In ModSecurity before 2.9.7, FILES_TMP_CONTENT sometimes lacked the complete content. This can... Critical Unreviewed
CVE-2023-24021 was published Jan 20, 2023
An issue was discovered in drachtio-server before 0.8.20. It allows remote attackers to cause a... High Unreviewed
CVE-2022-47515 was published Dec 18, 2022
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC)... High Unreviewed
CVE-2021-31887 was published May 24, 2022
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC)... Critical Unreviewed
CVE-2021-31886 was published May 24, 2022
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC)... High Unreviewed
CVE-2021-31888 was published May 24, 2022
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC)... Critical Unreviewed
CVE-2021-31884 was published May 24, 2022
Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS,... Critical Unreviewed
CVE-2021-22931 was published May 24, 2022
A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All... Moderate Unreviewed
CVE-2020-27736 was published May 24, 2022
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber... High Unreviewed
CVE-2021-1469 was published May 24, 2022
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber... Moderate Unreviewed
CVE-2021-1471 was published May 24, 2022
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber... Moderate Unreviewed
CVE-2021-1417 was published May 24, 2022
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber... Moderate Unreviewed
CVE-2021-1418 was published May 24, 2022
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber... Critical Unreviewed
CVE-2021-1411 was published May 24, 2022
A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15,... Moderate Unreviewed
CVE-2020-14323 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database