Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,257 advisories

Loading
An issue in NETIS SYSTEMS N3Mv2 v.1.0.1.865 allows a remote attacker to cause a denial of service... High Unreviewed
CVE-2023-44860 was published Oct 7, 2023
A flaw was found in OpenShift API, as admission checks do not enforce "custom-host" permissions.... High Unreviewed
CVE-2022-3248 was published Oct 5, 2023
An improper access control flaw was found in Candlepin. An attacker can create data scoped under... High Unreviewed
CVE-2023-1832 was published Oct 4, 2023
Improper authorisation of regular users in ProIntegra Uptime DC software (versions below 2.0.0... High Unreviewed
CVE-2023-4997 was published Oct 4, 2023
An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12... High Unreviewed
CVE-2023-5106 was published Oct 2, 2023
An issue has been discovered in GitLab affecting all versions starting from 11.2 before 16.2.8,... Moderate Unreviewed
CVE-2023-3920 was published Sep 29, 2023
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8,... Moderate Unreviewed
CVE-2023-4532 was published Sep 29, 2023
An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.2.8,... Moderate Unreviewed
CVE-2023-3979 was published Sep 29, 2023
An issue has been discovered in GitLab affecting all versions prior to 16.2.7, all versions... Moderate Unreviewed
CVE-2023-5198 was published Sep 29, 2023
Sensitive information disclosure and manipulation due to improper authorization. The following... Low Unreviewed
CVE-2023-44154 was published Sep 27, 2023
An authorization issue was addressed with improved state management. This issue is fixed in macOS... Moderate Unreviewed
CVE-2023-41078 was published Sep 27, 2023
The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17,... Low Unreviewed
CVE-2023-35990 was published Sep 27, 2023
** UNSUPPPORTED WHEN ASSIGNED ** Incorrect authorisation in ekorCCP and ekorRCI, which could... High Unreviewed
CVE-2022-47553 was published Sep 19, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.2... Critical Unreviewed
CVE-2023-5009 was published Sep 19, 2023
SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing... Critical Unreviewed
CVE-2023-40309 was published Sep 15, 2023
Weak access control in Wing FTP Server (Admin Web Client) allows for privilege escalation.This... High Unreviewed
CVE-2023-37881 was published Sep 15, 2023
A Privilege escalation vulnerability exists in Trellix Windows DLP endpoint for windows which... High Unreviewed
CVE-2023-4814 was published Sep 14, 2023
A vulnerability in the access control list (ACL) processing on MPLS interfaces in the ingress... High Unreviewed
CVE-2023-20191 was published Sep 13, 2023
A vulnerability in the classic access control list (ACL) compression feature of Cisco IOS XR... Moderate Unreviewed
CVE-2023-20190 was published Sep 13, 2023
IBM Aspera Faspex 5.0.5 could allow a malicious actor to bypass IP whitelist restrictions using a... High Unreviewed
CVE-2023-30995 was published Sep 8, 2023
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem ... Moderate Unreviewed
CVE-2023-37367 was published Sep 8, 2023
A vulnerability in the secure boot implementation on affected Aruba 9200 and 9000 Series... Moderate Unreviewed
CVE-2023-38486 was published Sep 6, 2023
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA)... Critical Unreviewed
CVE-2023-20269 was published Sep 6, 2023
BMC Server Automation before 8.9.01 patch 1 allows Process Spawner command execution because of... Critical Unreviewed
CVE-2017-9453 was published Sep 5, 2023
The Advanced File Manager WordPress plugin before 5.1.1 does not adequately authorize its usage... Moderate Unreviewed
CVE-2023-3814 was published Sep 4, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database