GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,156

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

26,868 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability has been found in Netgear WNDR3700v2 1.0.1.14 and classified as critical. This... Critical Unreviewed

CVE-2023-0849 was published Feb 16, 2023

Priority Web version 19.1.0.68, parameter manipulation on an unspecified end-point may allow... Critical Unreviewed

CVE-2023-23460 was published Feb 15, 2023

Priority Windows may allow Command Execution via SQL Injection using an unspecified method. Critical Unreviewed

CVE-2023-23459 was published Feb 15, 2023

Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spawns a web... Critical Unreviewed

CVE-2023-22855 was published Feb 15, 2023

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to create... Critical Unreviewed

CVE-2023-22804 was published Feb 15, 2023

LS ELECTRIC XBC-DN32U with operating system version 01.80 does not properly control access to the... Critical Unreviewed

CVE-2023-22807 was published Feb 15, 2023

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication for its... Critical Unreviewed

CVE-2023-0102 was published Feb 15, 2023

In Ampere AltraMax and Ampere Altra before 2.10c, improper access controls allows the OS to... Critical Unreviewed

CVE-2022-46892 was published Feb 15, 2023

Sandbox escape in Jenkins Email Extension Plugin Critical

CVE-2023-25765 was published for org.jenkins-ci.plugins:email-ext (Maven) Feb 15, 2023

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability Critical Unreviewed

CVE-2023-21692 was published Feb 14, 2023

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability Critical Unreviewed

CVE-2023-21690 was published Feb 14, 2023

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability Critical Unreviewed

CVE-2023-21689 was published Feb 14, 2023

Windows iSCSI Discovery Service Remote Code Execution Vulnerability Critical Unreviewed

CVE-2023-21803 was published Feb 14, 2023

Microsoft Word Remote Code Execution Vulnerability Critical Unreviewed

CVE-2023-21716 was published Feb 14, 2023

HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are... Critical Unreviewed

CVE-2023-25725 was published Feb 14, 2023

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the... Critical Unreviewed

CVE-2023-24160 was published Feb 14, 2023

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the... Critical Unreviewed

CVE-2023-24161 was published Feb 14, 2023

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the... Critical Unreviewed

CVE-2023-24159 was published Feb 14, 2023

A vulnerability has been identified in COMOS V10.2 (All versions), COMOS V10.3.3.1 (All versions ... Critical Unreviewed

CVE-2023-24482 was published Feb 14, 2023

SAP BusinessObjects Business Intelligence Platform (CMC) - versions 420, 430, allows an... Critical Unreviewed

CVE-2023-24530 was published Feb 14, 2023

A type juggling vulnerability in the component /auth/fn.php of PlaySMS v1.4.5 and earlier allows... Critical Unreviewed

CVE-2022-47034 was published Feb 14, 2023

Arbitrary file deletion in ureport Critical

CVE-2023-24188 was published for com.bstek.ureport:ureport2-core (Maven) Feb 13, 2023

The cryptographic code signing process and controls on ConnectWise Control through 22.9.10032 ... Critical Unreviewed

CVE-2023-25718 was published Feb 13, 2023

Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET... Critical Unreviewed

CVE-2023-25717 was published Feb 13, 2023

ChiKoi v1.0 was discovered to contain a SQL injection vulnerability via the load_file function. Critical Unreviewed

CVE-2023-24084 was published Feb 13, 2023

Previous 1…396…400 Next

Previous 1 2 … 394 395 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

26,868 advisories