GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,189

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

312 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Insufficient data validation in Updater in Google Chrome prior to 120.0.6099.62 allowed a remote... High Unreviewed

CVE-2024-3173 was published Jul 17, 2024

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count... High Unreviewed

CVE-2024-37370 was published Jun 29, 2024

Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions... High Unreviewed

CVE-2024-33687 was published Jun 24, 2024

Use of Less Trusted Source vulnerability in SolidWP Solid Security allows HTTP DoS.This issue... Low Unreviewed

CVE-2022-44593 was published Jun 21, 2024

Invision Community through 4.7.16 allows remote code execution via the applications/core/modules... High Unreviewed

CVE-2024-30162 was published Jun 7, 2024

An attacker with access to the private network (the charger is connected to) or local access to... Moderate Unreviewed

CVE-2024-5684 was published Jun 6, 2024

A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to... High Unreviewed

CVE-2024-3049 was published Jun 6, 2024

Insufficient Verification of Data Authenticity vulnerability in Cozmoslabs Profile Builder allows... Moderate Unreviewed

CVE-2024-31341 was published May 17, 2024

Insufficient verification of data authenticity in the installer for Zoom Workplace VDI App for... Moderate Unreviewed

CVE-2024-27244 was published May 15, 2024

ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker... Moderate Unreviewed

CVE-2023-6323 was published May 15, 2024

An insufficient verification of data authenticity vulnerability [CWE-345] in Fortinet FortiOS SSL... Moderate Unreviewed

CVE-2023-45586 was published May 14, 2024

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Moderate Unreviewed

CVE-2024-33494 was published May 14, 2024

NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability. This vulnerability... High Unreviewed

CVE-2023-27360 was published May 3, 2024

Malformed Device Reset Locally command classes can be sent to temporarily deny service to an end... High Unreviewed

CVE-2024-3051 was published Apr 27, 2024

Vulnerability of package name verification being bypassed in the Calendar app. Impact: Successful... High Unreviewed

CVE-2023-52546 was published Apr 8, 2024

Insufficient verification of data authenticity issue in Survey Maker prior to 3.6.4 allows a... Moderate Unreviewed

CVE-2023-35764 was published Apr 3, 2024

Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-348: Use of Less Trusted Source... High Unreviewed

CVE-2024-27773 was published Mar 18, 2024

Malformed Device Reset Locally Command Class packets can be sent to the controller, causing the... Moderate Unreviewed

CVE-2023-6533 was published Feb 21, 2024

The `fetch()` API and navigation incorrectly shared the same cache, as the cache key did not... Critical Unreviewed

CVE-2024-1554 was published Feb 20, 2024

Insufficient verification of data authenticity in the configuration state machine may allow a... Low Unreviewed

CVE-2023-20570 was published Feb 13, 2024

IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0... Moderate Unreviewed

CVE-2023-32329 was published Feb 3, 2024

Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful... High Unreviewed

CVE-2023-52109 was published Jan 16, 2024

An issue has been discovered in GitLab CE/EE affecting all versions from 12.2 prior to 16.5.6, 16... Low Unreviewed

CVE-2023-2030 was published Jan 12, 2024

Exim through 4.97 allows SMTP smuggling in certain configurations. Remote attackers can use a... Moderate Unreviewed

CVE-2023-51766 was published Dec 24, 2023

sendmail through at least 8.14.7 allows SMTP smuggling in certain configurations. Remote... Moderate Unreviewed

CVE-2023-51765 was published Dec 24, 2023

Previous 1…3…13 Next

Previous 1 2 3 4 5 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

312 advisories