Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

586 advisories

Loading
Data Illusion Survey Software Solutions ngSurvey version 2.4.28 and below is vulnerable to Denial... High Unreviewed
CVE-2022-46485 was published Aug 2, 2023
An issue has been discovered in GitLab EE affecting all versions from 15.11 prior to 16.2.2 which... High Unreviewed
CVE-2023-4011 was published Aug 2, 2023
On Crestron 3-Series Control Systems before 1.8001.0187, crafting and sending a specific BACnet... High Unreviewed
CVE-2023-38405 was published Jul 17, 2023
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S ... High Unreviewed
CVE-2023-36521 was published Jul 11, 2023
IBM Watson CP4D Data Stores 4.6.0 does not properly allocate resources without limits or... High Unreviewed
CVE-2023-27540 was published Jul 10, 2023
Any request send to a Netgear Nighthawk Wifi6 Router (RAX30)'s web service containing a “Content... High Unreviewed
CVE-2023-28338 was published Jul 6, 2023
A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD... High Unreviewed
CVE-2022-3480 was published Jul 6, 2023
Products.CMFCore unauthenticated denial of service and crash via unchecked use of input with Python's marshal module High
CVE-2023-36814 was published for Products.CMFCore (pip) Jul 5, 2023
A vulnerability in the XCP Authentication Service of the Cisco Unified Communications Manager IM ... High Unreviewed
CVE-2023-20108 was published Jun 28, 2023
An issue in the /userRpm/LocalManageControlRpm component of TP-Link TL-WR940N V2/V4/V6, TL-WR841N... High Unreviewed
CVE-2023-36357 was published Jun 22, 2023
An issue in the GDKfree component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to... High Unreviewed
CVE-2023-36371 was published Jun 22, 2023
An issue in the list_append component of MonetDB Server v11.45.17 and v11.46.0 allows attackers... High Unreviewed
CVE-2023-36369 was published Jun 22, 2023
An issue in the gc_col component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to... High Unreviewed
CVE-2023-36370 was published Jun 22, 2023
An issue in the sql_trans_copy_key component of MonetDB Server v11.45.17 and v11.46.0 allows... High Unreviewed
CVE-2023-36365 was published Jun 22, 2023
An issue in the BLOBcmp component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to... High Unreviewed
CVE-2023-36367 was published Jun 22, 2023
An issue in the cs_bind_ubat component of MonetDB Server v11.45.17 and v11.46.0 allows attackers... High Unreviewed
CVE-2023-36368 was published Jun 22, 2023
An issue in the log_create_delta component of MonetDB Server v11.45.17 and v11.46.0 allows... High Unreviewed
CVE-2023-36366 was published Jun 22, 2023
Every `named` instance configured to run as a recursive resolver maintains a cache database... High Unreviewed
CVE-2023-2828 was published Jun 21, 2023
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will... High Unreviewed
CVE-2022-48498 was published Jun 19, 2023
Vulnerability of system restart triggered by abnormal callbacks passed to APIs.Successful... High Unreviewed
CVE-2023-34166 was published Jun 19, 2023
In doInBackground of NotificationContentInflater.java, there is a possible temporary denial or... High Unreviewed
CVE-2023-21144 was published Jun 15, 2023
snappy-java's unchecked chunk length leads to DoS High
CVE-2023-34455 was published for org.xerial.snappy:snappy-java (Maven) Jun 15, 2023
srmish-jfrog
Apache Struts vulnerable to memory exhaustion High
CVE-2023-34396 was published for org.apache.struts:struts2-core (Maven) Jun 14, 2023
Uncontrolled Resource Consumption in LengthPrefixedMessageReader High
CVE-2021-36155 was published for github.com/grpc/grpc-swift (Swift) Jun 9, 2023
A denial of service issue was discovered in GitLab CE/EE affecting all versions starting from 13... High Unreviewed
CVE-2023-0121 was published Jun 7, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database