GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,605
Erlang: 29
GitHub Actions: 16
Go: 1,697
Maven: 4,936
npm: 3,466
NuGet: 601
pip: 2,975
Pub: 10
RubyGems: 826
Rust: 767
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
20 advisories

ILIAS (2013-09-12 release) contains a medium-criticality Directory Traversal local file inclusion...
Moderate, Unreviewed. CVE-2023-45867 was published Oct 26, 2023

ABB is aware of vulnerabilities in the product versions listed below. An update is available...
High, Unreviewed. CVE-2023-0426 was published Aug 7, 2023

ABB is aware of vulnerabilities in the product versions listed below. An update is available...
High, Unreviewed. CVE-2023-0425 was published Aug 7, 2023

In WS-Inc J WBEM Server 4.7.4 before 4.7.5, the CIM-XML protocol adapter does not disable entity...
Critical, Unreviewed. CVE-2023-37364 was published Aug 3, 2023

A vulnerability classified as critical was found in Campcodes Beauty Salon Management System 1.0....
Moderate, Unreviewed. CVE-2023-3881 was published Jul 25, 2023

An issue has been discovered in GitLab CE/EE affecting all versions starting from 1.2 before 15...
Moderate, Unreviewed. CVE-2023-2013 was published Jun 7, 2023

drivers/hid/hid-logitech-dj.c in the Human Interface Device (HID) subsystem in the Linux kernel...
Moderate, Unreviewed. CVE-2013-2895 was published May 17, 2022

drivers/hid/hid-lenovo-tpkbd.c in the Human Interface Device (HID) subsystem in the Linux kernel...
Moderate, Unreviewed. CVE-2013-2894 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in actionscript/Jplayer.as in the Flash SWF component ...
Moderate, Unreviewed. CVE-2013-2023 was published May 17, 2022

jplayer Cross Site Scripting vulnerability
Moderate. CVE-2013-2022 was published for jplayer (npm) May 17, 2022

Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF...
Moderate, Unreviewed. CVE-2013-1942 was published May 17, 2022

The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in...
Low, Unreviewed. CVE-2013-2147 was published May 14, 2022

drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem in the Linux kernel through...
Moderate, Unreviewed. CVE-2013-2889 was published May 14, 2022

The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when...
Moderate, Unreviewed. CVE-2013-2893 was published May 14, 2022

Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID)...
Moderate, Unreviewed. CVE-2013-2897 was published May 14, 2022

Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel through 3.11.1 allows local...
Moderate, Unreviewed. CVE-2013-4343 was published May 14, 2022

Uncontrolled Resource Consumption in Apache Commons Compress
Moderate. CVE-2012-2098 was published for org.apache.commons:commons-compress (Maven) May 13, 2022

The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.8 does not...
Low, Unreviewed. CVE-2013-0343 was published May 5, 2022

Zabbix before 5.0 represents passwords in the users table with unsalted MD5.
Moderate, Unreviewed. CVE-2013-7484 was published May 5, 2022

A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the gf_fileio_check function, which...
Moderate, Unreviewed. CVE-2021-46049 was published Jan 11, 2022

ProTip! Advisories are also available from the GraphQL API