GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20 advisories
In the Linux kernel, the following vulnerability has been resolved: drivers: perf: Do not...
Unknown | Unreviewed | CVE-2023-52839 was published | May 21, 2024

In the Linux kernel, the following vulnerability has been resolved: ACPI: LPIT: Avoid u32...
Unknown | Unreviewed | CVE-2023-52683 was published | May 17, 2024

dcnnt-py is vulnerable to command injection via Notification Handler
Moderate | CVE-2023-1000 was published for dcnnt (pip) | Apr 27, 2024

An issue was discovered in Newland Nquire 1000 Interactive Kiosk version NQ1000-II_G_V1.00.011,...
Unknown | Unreviewed | CVE-2023-49341 was published | Mar 9, 2024

An issue was discovered in Newland Nquire 1000 Interactive Kiosk version NQ1000-II_G_V1.00.011,...
Unknown | Unreviewed | CVE-2023-49340 was published | Mar 9, 2024

A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central...
Moderate | Unreviewed | CVE-2023-38626 was published | Jan 23, 2024

Whole content of all documents of all wikis exposed to anybody with view right on Solr suggest service
High | CVE-2023-48241 was published for org.xwiki.platform:xwiki-platform-search-solr-query (Maven) | Nov 20, 2023

jose4j uses weak cryptographic algorithm
High | CVE-2023-31582 was published for org.bitbucket.b_c:jose4j (Maven) | Oct 25, 2023

A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) feature of Cisco IOS XE Software...
High | Unreviewed | CVE-2023-20187 was published | Sep 27, 2023

Magento LTS's guest order "protect code" can be brute-forced too easily
High | CVE-2023-41879 was published for openmage/magento-lts (Composer) | Sep 11, 2023

An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a...
High | Unreviewed | CVE-2023-22956 was published | Aug 11, 2023

An issue was discovered in libac_des3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due...
High | Unreviewed | CVE-2023-22957 was published | Aug 11, 2023

An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of...
High | Unreviewed | CVE-2023-22955 was published | Aug 11, 2023

Denial of service from unlimited password lengths
Moderate | CVE-2023-38492 was published for getkirby/cms (Composer) | Jul 28, 2023

The Rockwell Automation PowerMonitor 1000 contains stored cross-site scripting vulnerabilities...
High | Unreviewed | CVE-2023-2072 was published | Jul 11, 2023

Apache Johnzon Deserialization of Untrusted Data vulnerability
Moderate | CVE-2023-33008 was published for org.apache.johnzon:johnzon-mapper (Maven) | Jul 7, 2023

CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of...
High | Unreviewed | CVE-2023-26593 was published | Apr 11, 2023

Multipart form parsing can consume large amounts of CPU and memory when processing form inputs...
High | Unreviewed | CVE-2023-24536 was published | Apr 6, 2023

Denial of service in Jenkins Core
Moderate | CVE-2023-27900 was published for org.jenkins-ci.main:jenkins-core (Maven) | Mar 10, 2023

A path traversal vulnerability exists in Sage FRP 1000 before November 2019. This allows remote...
High | Unreviewed | CVE-2019-25053 was published | Jan 27, 2023