Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,943
Erlang
29
GitHub Actions
16
Go
1,727
Maven
4,953
npm
3,485
NuGet
605
pip
3,052
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+

20 advisories

In the Linux kernel, the following vulnerability has been resolved: drivers: perf: Do not... Unknown Unreviewed
CVE-2023-52839 was published May 21, 2024
In the Linux kernel, the following vulnerability has been resolved: ACPI: LPIT: Avoid u32... Unknown Unreviewed
CVE-2023-52683 was published May 17, 2024
dcnnt-py is vulnerable to command injection via Notification Handler Moderate
CVE-2023-1000 was published for dcnnt (pip) Apr 27, 2024
An issue was discovered in Newland Nquire 1000 Interactive Kiosk version NQ1000-II_G_V1.00.011,... Unknown Unreviewed
CVE-2023-49341 was published Mar 9, 2024
An issue was discovered in Newland Nquire 1000 Interactive Kiosk version NQ1000-II_G_V1.00.011,... Unknown Unreviewed
CVE-2023-49340 was published Mar 9, 2024
A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central... Moderate Unreviewed
CVE-2023-38626 was published Jan 23, 2024
Whole content of all documents of all wikis exposed to anybody with view right on Solr suggest service High
CVE-2023-48241 was published for org.xwiki.platform:xwiki-platform-search-solr-query (Maven) Nov 20, 2023
jose4j uses weak cryptographic algorithm High
CVE-2023-31582 was published for org.bitbucket.b_c:jose4j (Maven) Oct 25, 2023
A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) feature of Cisco IOS XE Software... High Unreviewed
CVE-2023-20187 was published Sep 27, 2023
Magento LTS's guest order "protect code" can be brute-forced too easily High
CVE-2023-41879 was published for openmage/magento-lts (Composer) Sep 11, 2023
theroch fballiano
colinmollenhour
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a... High Unreviewed
CVE-2023-22956 was published Aug 11, 2023
An issue was discovered in libac_des3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due... High Unreviewed
CVE-2023-22957 was published Aug 11, 2023
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of... High Unreviewed
CVE-2023-22955 was published Aug 11, 2023
Denial of service from unlimited password lengths Moderate
CVE-2023-38492 was published for getkirby/cms (Composer) Jul 28, 2023
5hank4r
The Rockwell Automation PowerMonitor 1000 contains stored cross-site scripting vulnerabilities... High Unreviewed
CVE-2023-2072 was published Jul 11, 2023
Apache Johnzon Deserialization of Untrusted Data vulnerability Moderate
CVE-2023-33008 was published for org.apache.johnzon:johnzon-mapper (Maven) Jul 7, 2023
CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of... High Unreviewed
CVE-2023-26593 was published Apr 11, 2023
Multipart form parsing can consume large amounts of CPU and memory when processing form inputs... High Unreviewed
CVE-2023-24536 was published Apr 6, 2023
Denial of service in Jenkins Core Moderate
CVE-2023-27900 was published for org.jenkins-ci.main:jenkins-core (Maven) Mar 10, 2023
westonsteimel
A path traversal vulnerability exists in Sage FRP 1000 before November 2019. This allows remote... High Unreviewed
CVE-2019-25053 was published Jan 27, 2023
ProTip! Advisories are also available from the GraphQL API