GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,869
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,122
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,020
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
900 advisories

Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM...
Critical, Unreviewed. CVE-2022-23820 was published Nov 14, 2023

An issue in RedisGraph v.2.12.10 allows an attacker to execute arbitrary code and cause a denial...
Critical, Unreviewed. CVE-2023-47003 was published Nov 16, 2023

tj-actions/branch-names's Improper Sanitization of Branch Name Leads to Arbitrary Code Injection
Critical. CVE-2023-49291 was published for tj-actions/branch-names (GitHub Actions) Dec 5, 2023

U-Boot vulnerability resulting in persistent Code Execution
Critical, Unreviewed. CVE-2023-48425 was published Dec 11, 2023

An unvalidated input in a library function responsible for communicating between secure and non...
Critical, Unreviewed. CVE-2023-4020 was published Dec 15, 2023

The Zabbix Agent 2 item key smart.disk.get does not sanitize its parameters before passing them...
Critical, Unreviewed. CVE-2023-32728 was published Dec 22, 2023

Increasing the resolution of video frames, while performing a multi-threaded encode, can result...
Critical, Unreviewed. CVE-2023-6879 was published Dec 28, 2023

A security issue exists in D-Link D-View 8 v2.0.2.89 and prior that could allow an attacker to...
Critical, Unreviewed. CVE-2023-7163 was published Dec 28, 2023

A vulnerability has been identified in SIMATIC IPC1047E (All versions with maxView Storage...
Critical, Unreviewed. CVE-2023-51438 was published Jan 9, 2024

Duplicate Advisory: NuGet Client Security Feature Bypass Vulnerability
Critical. GHSA-jw42-5m4v-9c8g was published for NuGet.CommandLine (NuGet) Jan 9, 2024 • withdrawn

Django Template Engine Vulnerable to XSS
Critical. CVE-2024-22199 was published for github.com/gofiber/template/django/v3 (Go) Jan 11, 2024

An issue in dom96 HTTPbeast v.0.4.1 and before allows a remote attacker to execute arbitrary code...
Critical, Unreviewed. CVE-2023-50694 was published Jan 19, 2024

Microsoft Outlook Remote Code Execution Vulnerability
Critical, Unreviewed. CVE-2024-21413 was published Feb 13, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an...
Critical, Unreviewed. CVE-2024-1359 was published Feb 13, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an...
Critical, Unreviewed. CVE-2024-1372 was published Feb 13, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an...
Critical, Unreviewed. CVE-2024-1369 was published Feb 13, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an...
Critical, Unreviewed. CVE-2024-1378 was published Feb 13, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an...
Critical, Unreviewed. CVE-2024-1374 was published Feb 13, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an...
Critical, Unreviewed. CVE-2024-1355 was published Feb 13, 2024

Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and...
Critical, Unreviewed. CVE-2024-24691 was published Feb 14, 2024

Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection...
Critical, Unreviewed. CVE-2023-32462 was published Feb 15, 2024

Dell Networking Switches running Enterprise SONiC versions 4.1.0, 4.0.5, 3.5.4 and below...
Critical, Unreviewed. CVE-2023-32484 was published Feb 15, 2024

In attp_build_read_by_type_value_cmd of att_protocol.cc, there is a possible out of bounds write...
Critical, Unreviewed. CVE-2024-0031 was published Feb 16, 2024

The SE menu contains information used by Lexmark to diagnose device errors. A vulnerability in...
Critical, Unreviewed. CVE-2023-50737 was published Feb 28, 2024

Enabling Simple Ajax Uploader plugin included in Laragon open-source software allows for a remote...
Critical, Unreviewed. CVE-2024-0864 was published Feb 29, 2024