Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

506 advisories

Loading
Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy Moderate Unreviewed
CVE-2023-37217 was published Jul 30, 2023
User enumeration in On-premise SureMDM Solution on Windows deployment allows attacker to... Moderate Unreviewed
CVE-2023-3897 was published Jul 25, 2023
A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping... High Unreviewed
CVE-2023-3640 was published Jul 24, 2023
TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem... High Unreviewed
CVE-2023-34669 was published Jul 17, 2023
A potential power side-channel vulnerability in some AMD processors may allow an authenticated... Moderate Unreviewed
CVE-2023-20575 was published Jul 11, 2023
Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify... Moderate Unreviewed
CVE-2023-35698 was published Jul 10, 2023
A vulnerability classified as problematic has been found in Rotem Dynamics Rotem CRM up to... Moderate Unreviewed
CVE-2023-3529 was published Jul 6, 2023
The HCL Domino AppDev Pack IAM service is susceptible to a User Account Enumeration vulnerability... Moderate Unreviewed
CVE-2023-28015 was published Jul 6, 2023
The sensitive information exposure vulnerability in the CGI “Export_Log” and the binary “zcmd” in... High Unreviewed
CVE-2023-28770 was published Jul 6, 2023
Under certain circumstances a C•CURE Portal user could enumerate user accounts in C•CURE 9000... Moderate Unreviewed
CVE-2021-36201 was published Jul 6, 2023
TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability.... Moderate Unreviewed
CVE-2023-3336 was published Jul 5, 2023
The Protect WP Admin WordPress plugin before 4.0 discloses the URL of the admin panel via a... Moderate Unreviewed
CVE-2023-3139 was published Jul 4, 2023
An issue was discovered in the ProofreadPage (aka Proofread Page) extension for MediaWiki through... Moderate Unreviewed
CVE-2023-37305 was published Jun 30, 2023
User enumeration in Checkmk <=2.2.0p4 allows an authenticated attacker to enumerate usernames. Moderate Unreviewed
CVE-2023-22359 was published Jun 26, 2023
This issue was addressed with improved data protection. This issue is fixed in iOS 16.1 and... Moderate Unreviewed
CVE-2022-42792 was published Jun 23, 2023
An issue was discovered in Ujcms v6.0.2 allows attackers to gain sensitive information via the... High Unreviewed
CVE-2023-34878 was published Jun 14, 2023
Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to... High Unreviewed
CVE-2023-1707 was published Jun 13, 2023
AMI BMC contains a vulnerability in the IPMI handler, where an unauthorized attacker can use... Moderate Unreviewed
CVE-2023-34344 was published Jun 12, 2023
emoncms v11 and later was discovered to contain an information disclosure vulnerability which... Moderate Unreviewed
CVE-2023-33518 was published Jun 5, 2023
When dragging and dropping an image cross-origin, the image's size could potentially be leaked.... Moderate Unreviewed
CVE-2023-25741 was published Jun 2, 2023
The <code>Content-Security-Policy-Report-Only</code> header could allow an attacker to leak a... Moderate Unreviewed
CVE-2023-25728 was published Jun 2, 2023
Bluetooth Classic in Bluetooth Core Specification through 5.3 does not properly conceal device... Moderate Unreviewed
CVE-2022-24695 was published Jun 2, 2023
IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based... High Unreviewed
CVE-2023-32342 was published May 31, 2023
Macrovideo v380pro v1.4.97 shares the device id and password when sharing the device. High Unreviewed
CVE-2023-33741 was published May 31, 2023
Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy Moderate Unreviewed
CVE-2023-31186 was published May 30, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database