Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,605
Erlang
29
GitHub Actions
16
Go
1,697
Maven
4,936
npm
3,466
NuGet
601
pip
2,975
Pub
10
RubyGems
826
Rust
767
Swift
34
Unreviewed advisories
All unreviewed
5,000+

20 advisories

ILIAS (2013-09-12 release) contains a medium-criticality Directory Traversal local file inclusion... Moderate Unreviewed
CVE-2023-45867 was published Oct 26, 2023
ABB is aware of vulnerabilities in the product versions listed below. An update is available... High Unreviewed
CVE-2023-0426 was published Aug 7, 2023
ABB is aware of vulnerabilities in the product versions listed below. An update is available... High Unreviewed
CVE-2023-0425 was published Aug 7, 2023
In WS-Inc J WBEM Server 4.7.4 before 4.7.5, the CIM-XML protocol adapter does not disable entity... Critical Unreviewed
CVE-2023-37364 was published Aug 3, 2023
A vulnerability classified as critical was found in Campcodes Beauty Salon Management System 1.0.... Moderate Unreviewed
CVE-2023-3881 was published Jul 25, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 1.2 before 15... Moderate Unreviewed
CVE-2023-2013 was published Jun 7, 2023
drivers/hid/hid-logitech-dj.c in the Human Interface Device (HID) subsystem in the Linux kernel... Moderate Unreviewed
CVE-2013-2895 was published May 17, 2022
drivers/hid/hid-lenovo-tpkbd.c in the Human Interface Device (HID) subsystem in the Linux kernel... Moderate Unreviewed
CVE-2013-2894 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in actionscript/Jplayer.as in the Flash SWF component ... Moderate Unreviewed
CVE-2013-2023 was published May 17, 2022
jplayer Cross Site Scripting vulnerability Moderate
CVE-2013-2022 was published for jplayer (npm) May 17, 2022
anonymous4ACL24
Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF... Moderate Unreviewed
CVE-2013-1942 was published May 17, 2022
The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in... Low Unreviewed
CVE-2013-2147 was published May 14, 2022
drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem in the Linux kernel through... Moderate Unreviewed
CVE-2013-2889 was published May 14, 2022
The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when... Moderate Unreviewed
CVE-2013-2893 was published May 14, 2022
Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID)... Moderate Unreviewed
CVE-2013-2897 was published May 14, 2022
Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel through 3.11.1 allows local... Moderate Unreviewed
CVE-2013-4343 was published May 14, 2022
Uncontrolled Resource Consumption in Apache Commons Compress Moderate
CVE-2012-2098 was published for org.apache.commons:commons-compress (Maven) May 13, 2022
MarkLee131
The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.8 does not... Low Unreviewed
CVE-2013-0343 was published May 5, 2022
Zabbix before 5.0 represents passwords in the users table with unsalted MD5. Moderate Unreviewed
CVE-2013-7484 was published May 5, 2022
A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the gf_fileio_check function, which... Moderate Unreviewed
CVE-2021-46049 was published Jan 11, 2022
ProTip! Advisories are also available from the GraphQL API