GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,988
Erlang: 29
GitHub Actions: 16
Go: 1,778
Maven: 5,000+
npm: 3,542
NuGet: 619
pip: 3,127
Pub: 10
RubyGems: 838
Rust: 791
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
193 advisories
In network service, there is a missing permission check. This could lead to local escalation of...
Moderate, Unreviewed, CVE-2022-39082 was published Jan 4, 2023

Dell PowerScale OneFS, 8.2.x-9.4.x, contain a command injection vulnerability. An authenticated...
Moderate, Unreviewed, CVE-2022-45095 was published Feb 1, 2023

Vulnerability in the CLI of Cisco Secure Email Gateway could allow an authenticated, remote...
Moderate, Unreviewed, CVE-2023-20075 was published Mar 1, 2023

Command Injection in GitHub repository btcpayserver/btcpayserver prior to 1.8.3.
Moderate, Unreviewed, CVE-2023-1270 was published Mar 8, 2023

A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5.2 and earlier,...
Moderate, Unreviewed, CVE-2023-0978 was published Mar 13, 2023

A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker...
Moderate, Unreviewed, CVE-2023-20097 was published Mar 23, 2023

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected...
Moderate, Unreviewed, CVE-2022-43623 was published Mar 29, 2023

An issue was discovered in GitLab Community and Enterprise Edition before 11.11.8, 12 before 12.0...
Moderate, Unreviewed, CVE-2019-14944 was published Apr 16, 2023

Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary...
Moderate, Unreviewed, CVE-2022-37704 was published Apr 16, 2023

A vulnerability, which was classified as critical, was found in Ubiquiti EdgeRouter X up to 2.0.9...
Moderate, Unreviewed, CVE-2023-2373 was published Apr 28, 2023

A vulnerability has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6 and classified as...
Moderate, Unreviewed, CVE-2023-2374 was published Apr 28, 2023

A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6 and classified as...
Moderate, Unreviewed, CVE-2023-2375 was published Apr 28, 2023

A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. It has been rated as...
Moderate, Unreviewed, CVE-2023-2378 was published Apr 28, 2023

A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. It has been classified...
Moderate, Unreviewed, CVE-2023-2376 was published Apr 28, 2023

A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. It has been declared as...
Moderate, Unreviewed, CVE-2023-2377 was published Apr 28, 2023

A vulnerability was found in Weaver E-Office 9.5 and classified as critical. Affected by this...
Moderate, Unreviewed, CVE-2023-2647 was published May 11, 2023

An issue was discovered on GL.iNet devices before 3.216. There is an arbitrary file write in...
Moderate, Unreviewed, CVE-2023-31473 was published May 11, 2023

A vulnerability was found in Caton Live up to 2023-04-26 and classified as critical. This issue...
Moderate, Unreviewed, CVE-2023-2682 was published May 12, 2023

An issue was discovered in Citadel through webcit-926. Meddler-in-the-middle attackers can...
Moderate, Unreviewed, CVE-2020-29547 was published May 29, 2023

A vulnerability classified as problematic was found in Chengdu VEC40G 3.0. Affected by this...
Moderate, Unreviewed, CVE-2023-3206 was published Jun 12, 2023

Control characters were not removed when exporting user feedback content. This allowed attackers...
Moderate, Unreviewed, CVE-2023-26429 was published Jun 20, 2023

Post-authentication remote command injection vulnerabilities in Western Digital My Cloud OS 5...
Moderate, Unreviewed, CVE-2023-22815 was published Jul 1, 2023

An attacker having physical access to WDM can plug USB device to gain access and execute unwanted...
Moderate, Unreviewed, CVE-2022-46361 was published Jul 6, 2023

Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability when using...
Moderate, Unreviewed, CVE-2023-31429 was published Aug 1, 2023

Insufficient validation of untrusted input in Chromad in Google Chrome on ChromeOS prior to 115.0...
Moderate, Unreviewed, CVE-2023-3739 was published Aug 2, 2023
ProTip! Advisories are also available from the GraphQL API