GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
613 advisories
An issue was discovered in Ujcms v6.0.2 allows attackers to gain sensitive information via the...
High
Unreviewed
CVE-2023-34878 was published Jun 14, 2023
Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to...
High
Unreviewed
CVE-2023-1707 was published Jun 13, 2023
AMI BMC contains a vulnerability in the IPMI handler, where an unauthorized attacker can use...
Moderate
Unreviewed
CVE-2023-34344 was published Jun 12, 2023
emoncms v11 and later was discovered to contain an information disclosure vulnerability which...
Moderate
Unreviewed
CVE-2023-33518 was published Jun 5, 2023
The Content-Security-Policy-Report-Only header could allow an attacker to leak a...
Moderate
Unreviewed
CVE-2023-25728 was published Jun 2, 2023
When dragging and dropping an image cross-origin, the image's size could potentially be leaked....
Moderate
Unreviewed
CVE-2023-25741 was published Jun 2, 2023
Bluetooth Classic in Bluetooth Core Specification through 5.3 does not properly conceal device...
Moderate
Unreviewed
CVE-2022-24695 was published Jun 2, 2023
IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based...
High
Unreviewed
CVE-2023-32342 was published May 31, 2023
Macrovideo v380pro v1.4.97 shares the device id and password when sharing the device.
High
Unreviewed
CVE-2023-33741 was published May 31, 2023
Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy
Moderate
Unreviewed
CVE-2023-31186 was published May 30, 2023
OX App Suite before backend 7.10.6-rev37 has an information leak in the handling of distribution...
Moderate
Unreviewed
CVE-2023-24598 was published May 29, 2023
The server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that...
Moderate
Unreviewed
CVE-2023-26215 was published May 25, 2023
When supplied with a random MAC address, Snap One OvrC cloud servers will return...
Moderate
Unreviewed
CVE-2023-28412 was published May 22, 2023
ginuerzh/gost vulnerable to Timing Attack
Moderate
CVE-2023-32691 was published for github.com/ginuerzh/gost (Go) May 22, 2023
The multimedia video module has a vulnerability in data processing. Successful exploitation of...
High
Unreviewed
CVE-2023-1696 was published May 20, 2023
Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215,...
Moderate
Unreviewed
CVE-2023-23449 was published May 15, 2023
IBM Spectrum Virtualize 8.5, under certain circumstances, could disclose sensitive credential...
High
Unreviewed
CVE-2023-27870 was published May 11, 2023
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2023-28200 was published May 8, 2023
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13...
Moderate
Unreviewed
CVE-2023-27931 was published May 8, 2023
Northern.tech CFEngine Enterprise before 3.21.1 allows a subset of authenticated users to...
Moderate
Unreviewed
CVE-2023-26560 was published Apr 26, 2023
The authentication method in Laravel 8.x through 9.x before 9.32.0 was discovered to be...
Moderate
Unreviewed
CVE-2022-40482 was published Apr 25, 2023
A username enumeration issue was discovered in Medicine Tracker System 1.0. The login...
Moderate
Unreviewed
CVE-2023-30458 was published Apr 24, 2023
IO FinNet tss-lib vulnerable to timing attack from non-constant time scalar arithmetic
High
CVE-2023-26557 was published for github.com/binance-chain/tss-lib (Go) Apr 21, 2023
IO FinNet tss-lib vulnerable to timing attack from non-constant time scalar multiplication
Critical
CVE-2023-26556 was published for github.com/binance-chain/tss-lib (Go) Apr 21, 2023
front/icon.send.php in the CMDB plugin before 3.0.3 for GLPI allows attackers to gain read access...
Moderate
Unreviewed
CVE-2022-34125 was published Apr 16, 2023