Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

506 advisories

Loading
OX App Suite before backend 7.10.6-rev37 has an information leak in the handling of distribution... Moderate Unreviewed
CVE-2023-24598 was published May 29, 2023
The server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that... Moderate Unreviewed
CVE-2023-26215 was published May 25, 2023
When supplied with a random MAC address, Snap One OvrC cloud servers will return... Moderate Unreviewed
CVE-2023-28412 was published May 22, 2023
The multimedia video module has a vulnerability in data processing.Successful exploitation of... High Unreviewed
CVE-2023-1696 was published May 20, 2023
Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215,... Moderate Unreviewed
CVE-2023-23449 was published May 15, 2023
IBM Spectrum Virtualize 8.5, under certain circumstances, could disclose sensitive credential... High Unreviewed
CVE-2023-27870 was published May 11, 2023
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS... Moderate Unreviewed
CVE-2023-28200 was published May 8, 2023
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13... Moderate Unreviewed
CVE-2023-27931 was published May 8, 2023
Northern.tech CFEngine Enterprise before 3.21.1 allows a subset of authenticated users to... Moderate Unreviewed
CVE-2023-26560 was published Apr 26, 2023
The authentication method in Laravel 8.x through 9.x before 9.32.0 was discovered to be... Moderate Unreviewed
CVE-2022-40482 was published Apr 25, 2023
A username enumeration issue was discovered in Medicine Tracker System 1.0. The login... Moderate Unreviewed
CVE-2023-30458 was published Apr 24, 2023
front/icon.send.php in the CMDB plugin before 3.0.3 for GLPI allows attackers to gain read access... Moderate Unreviewed
CVE-2022-34125 was published Apr 16, 2023
SENAYAN Library Management System (SLiMS) Bulian v9.5.2 does not strip exif data from uploaded... High Unreviewed
CVE-2023-29850 was published Apr 14, 2023
A vulnerability has been identified in Mendix Forgot Password (Mendix 7 compatible) (All versions... Moderate Unreviewed
CVE-2023-27464 was published Apr 11, 2023
An issue was discovered in MCUBO ICT through 10.12.4 (aka 6.0.2). An Observable Response... High Unreviewed
CVE-2023-26071 was published Mar 28, 2023
The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To... Moderate Unreviewed
CVE-2020-12413 was published Feb 17, 2023
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS.... High Unreviewed
CVE-2023-0361 was published Feb 15, 2023
NVIDIA BMC contains a vulnerability in IPMI handler, where an unauthorized attacker can use... Moderate Unreviewed
CVE-2022-42288 was published Jan 13, 2023
TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for... High Unreviewed
CVE-2022-4499 was published Jan 11, 2023
A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue... Moderate Unreviewed
CVE-2022-4543 was published Jan 11, 2023
In Talend Administration Center 7.3.1.20200219 before TAC-15950, the Forgot Password feature... Moderate Unreviewed
CVE-2022-30332 was published Jan 10, 2023
** DISPUTED ** The AES instructions on the ARMv8 platform do not have an algorithm that is ... High Unreviewed
CVE-2022-48251 was published Jan 10, 2023
Inappropriate implementation in Paint in Google Chrome prior to 98.0.4758.80 allowed a remote... Moderate Unreviewed
CVE-2022-4025 was published Jan 3, 2023
A vulnerability classified as problematic was found in Ziftr primecoin up to 0.8.4rc1. Affected... High Unreviewed
CVE-2013-10006 was published Jan 1, 2023
lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer... Low Unreviewed
CVE-2022-47952 was published Jan 1, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database