Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,432 advisories

Loading
slsa-verifier vulnerable to mproper validation of npm's publish attestations Low
GHSA-r2xv-vpr2-42m9 was published for github.com/slsa-framework/slsa-verifier (Go) Nov 8, 2023
laurentsimon ianlewis
trishankatdatadog
A CWE-526: Exposure of Sensitive Information Through Environmental Variables vulnerability exists... Low Unreviewed
CVE-2023-47615 was published Nov 9, 2023
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in... Low Unreviewed
CVE-2023-47616 was published Nov 9, 2023
Signing DynamoDB Sets when using the AWS Database Encryption SDK. Low
GHSA-72fp-w44g-625q was published for software.amazon.cryptography:aws-database-encryption-sdk-dynamodb (Maven) Nov 9, 2023
Moodle Exposure of Sensitive Information to an Unauthorized Actor vulnerability Low
CVE-2023-5551 was published for moodle/moodle (Composer) Nov 9, 2023
When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of... Low Unreviewed
CVE-2023-5543 was published Nov 10, 2023
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in... Low Unreviewed
CVE-2023-47614 was published Nov 10, 2023
gnark's range checker gadget allows wider inputs up to word alignment Low
GHSA-rjjm-x32p-m3f7 was published for github.com/consensys/gnark (Go) Nov 12, 2023
ultrainstinct30 ivokub
gbotrel
A vulnerability has been found in Intelbras RX 1500 1.1.9 and classified as problematic. Affected... Low Unreviewed
CVE-2023-6103 was published Nov 13, 2023
A vulnerability has been identified in COMOS (All versions < V10.4.4). Caching system in the... Low Unreviewed
CVE-2023-43503 was published Nov 14, 2023
A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE... Low Unreviewed
CVE-2023-44322 was published Nov 14, 2023
An insertion of sensitive information into log file vulnerability [CWE-532] in FortiSIEM version... Low Unreviewed
CVE-2023-45585 was published Nov 14, 2023
Information Disclosure in typo3/cms-install tool Low
CVE-2023-47126 was published for typo3/cms-install (Composer) Nov 14, 2023
liayn
Aiohttp has inconsistent interpretation of `Content-Length` vs. `Transfer-Encoding` differing in C and Python fallbacks Low
CVE-2023-47641 was published for aiohttp (pip) Nov 14, 2023
chinchila
Improper access control vulnerability in Samsung Push Service prior to 3.4.10 allows local... Low Unreviewed
CVE-2023-42542 was published Nov 14, 2023
A Use-After-Free vulnerability in the management of an SNP guest context page may allow a... Low Unreviewed
CVE-2023-20519 was published Nov 14, 2023
Improper input validation for some Intel Unison software may allow an authenticated user to... Low Unreviewed
CVE-2022-45469 was published Nov 14, 2023
Insertion of sensitive information into log file for some Intel Unison software may allow an... Low Unreviewed
CVE-2022-46647 was published Nov 14, 2023
Improper Initialization for some Intel Unison software may allow a privileged user to potentially... Low Unreviewed
CVE-2022-46301 was published Nov 14, 2023
Incomplete cleanup for some Intel Unison software may allow a privileged user to potentially... Low Unreviewed
CVE-2022-46298 was published Nov 14, 2023
Exposure of sensitive information to an unauthorized actor for some Intel Unison software may... Low Unreviewed
CVE-2022-46646 was published Nov 14, 2023
Improper access control for some Intel Unison software may allow a privileged user to potentially... Low Unreviewed
CVE-2022-41659 was published Nov 14, 2023
Incomplete cleanup for some Intel Unison software may allow an authenticated user to potentially... Low Unreviewed
CVE-2022-43477 was published Nov 14, 2023
Exposure of sensitive system information due to uncleared debug information for some Intel Unison... Low Unreviewed
CVE-2022-43666 was published Nov 14, 2023
Insufficient control flow management for some Intel Unison software may allow an authenticated... Low Unreviewed
CVE-2022-46299 was published Nov 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database