GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,051
Erlang
29
GitHub Actions
19
Go
1,887
Maven
5,000+
npm
3,602
NuGet
638
pip
3,205
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+
10,861 advisories
Filter by severity
An issue has been discovered in GitLab affecting all versions starting with 7.1. A member of a...
Low
Unreviewed
CVE-2021-22193
was published
May 24, 2022
A vulnerability that stores IMSI values in an improper path prior to SMR APR-2021 Release 1...
Low
Unreviewed
CVE-2021-25358
was published
May 24, 2022
In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8...
Low
Unreviewed
CVE-2019-12068
was published
May 24, 2022
An issue was discovered in the Arm Mali Kernel Driver. A non-privileged user can make improper...
Low
Unreviewed
CVE-2022-46396
was published
Apr 11, 2023
The Android version of pikpak v1.29.2 was discovered to contain an information leak via the debug...
Low
Unreviewed
CVE-2023-27703
was published
Apr 12, 2023
In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID...
Low
Unreviewed
CVE-2023-29383
was published
Apr 15, 2023
Vulnerability in the Oracle Solaris product of Oracle Systems (component: IPS repository daemon)....
Low
Unreviewed
CVE-2023-21928
was published
Apr 18, 2023
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection Handling...
Low
Unreviewed
CVE-2023-21963
was published
Apr 18, 2023
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
Low
Unreviewed
CVE-2023-21988
was published
Apr 18, 2023
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
Low
Unreviewed
CVE-2023-21991
was published
Apr 18, 2023
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
Low
Unreviewed
CVE-2023-21999
was published
Apr 18, 2023
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). Supported...
Low
Unreviewed
CVE-2023-22003
was published
Apr 18, 2023
NVIDIA CUDA Toolkit SDK for Linux and Windows contains a NULL pointer dereference in cuobjdump,...
Low
Unreviewed
CVE-2023-25510
was published
Apr 22, 2023
NVIDIA CUDA Toolkit for Linux and Windows contains a vulnerability in cuobjdump, where a division...
Low
Unreviewed
CVE-2023-25511
was published
Apr 22, 2023
PingID integration for Windows login prior to 2.9 does not handle duplicate usernames, which can...
Low
Unreviewed
CVE-2022-23721
was published
Apr 25, 2023
Improper access control vulnerability in Telephony framework prior to SMR May-2023 Release 1...
Low
Unreviewed
CVE-2023-21487
was published
May 4, 2023
Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http...
Low
Unreviewed
CVE-2023-31413
was published
May 4, 2023
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.3...
Low
Unreviewed
CVE-2023-23523
was published
May 8, 2023
The issue was addressed with additional restrictions on the observability of app states. This...
Low
Unreviewed
CVE-2023-23543
was published
May 8, 2023
The issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4. An...
Low
Unreviewed
CVE-2023-28194
was published
May 8, 2023
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The `i2c` mutex...
Low
Unreviewed
CVE-2023-27408
was published
May 9, 2023
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A heap-based...
Low
Unreviewed
CVE-2023-27410
was published
May 9, 2023
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1...
Low
Unreviewed
CVE-2023-29128
was published
May 9, 2023
yasm v1.3.0 was discovered to contain a memory leak via the function yasm_intnum_copy at /libyasm...
Low
Unreviewed
CVE-2023-31975
was published
May 9, 2023
Microsoft Access Denial of Service Vulnerability
Low
Unreviewed
CVE-2023-29333
was published
May 9, 2023
ProTip!
Advisories are also available from the
GraphQL API