GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,971
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,091
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
114 advisories
Filter by severity
Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions...
High
Unreviewed
CVE-2024-33687
was published
Jun 24, 2024
Invision Community through 4.7.16 allows remote code execution via the applications/core/modules...
High
Unreviewed
CVE-2024-30162
was published
Jun 7, 2024
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to...
High
Unreviewed
CVE-2024-3049
was published
Jun 6, 2024
NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability. This vulnerability...
High
Unreviewed
CVE-2023-27360
was published
May 3, 2024
Malformed Device Reset Locally command classes can be sent to temporarily deny service to an end...
High
Unreviewed
CVE-2024-3051
was published
Apr 27, 2024
Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful...
High
Unreviewed
CVE-2023-52109
was published
Jan 16, 2024
Bashis, a Security Researcher at IPVM has found a flaw that allows for a remote code execution...
High
Unreviewed
CVE-2023-5747
was published
Nov 13, 2023
Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote...
High
Unreviewed
CVE-2023-5482
was published
Nov 1, 2023
When the Node.js policy feature checks the integrity of a resource against a trusted manifest,...
High
Unreviewed
CVE-2023-38552
was published
Oct 18, 2023
An insufficient verification of data vulnerability exists in BIG-IP Edge Client Installer on...
High
Unreviewed
CVE-2023-5450
was published
Oct 10, 2023
In EVE OS, the “measured boot” mechanism prevents a compromised device from accessing
the...
High
Unreviewed
CVE-2023-43636
was published
Sep 20, 2023
A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated,...
High
Unreviewed
CVE-2023-20236
was published
Sep 13, 2023
Insufficient verification of data authenticity vulnerability in Delinea Secret Server, in its v10...
High
Unreviewed
CVE-2023-4589
was published
Sep 6, 2023
IBM Aspera Faspex 5.0.5 could allow a remote attacked to bypass IP restrictions due to improper...
High
Unreviewed
CVE-2023-35906
was published
Sep 5, 2023
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of...
High
Unreviewed
CVE-2023-22955
was published
Aug 11, 2023
Insufficient verification of data authenticity in Zoom Desktop Client for Windows before 5.14.5...
High
Unreviewed
CVE-2023-36541
was published
Aug 8, 2023
In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity...
High
Unreviewed
CVE-2023-3663
was published
Aug 3, 2023
In JetBrains IntelliJ IDEA before 2023.1 in some cases, Gradle and Maven projects could be...
High
Unreviewed
CVE-2022-48431
was published
Jul 6, 2023
Rumpus - FTP server version 9.0.7.1 Improper Token Verification– vulnerability may allow...
High
Unreviewed
CVE-2022-46370
was published
Jul 6, 2023
The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to...
High
Unreviewed
CVE-2023-30759
was published
Jun 19, 2023
Insufficient verification of data authenticity in Zoom for Windows clients before 5.14.0 may...
High
Unreviewed
CVE-2023-34113
was published
Jun 13, 2023
If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto...
High
Unreviewed
CVE-2023-2866
was published
Jun 7, 2023
Altenergy Power Control Software C1.2.5 was discovered to contain a remote code execution (RCE)...
High
Unreviewed
CVE-2023-31502
was published
May 12, 2023
A man in the middle can redirect traffic to a malicious server in a compromised configuration.
High
Unreviewed
CVE-2023-26467
was published
Apr 11, 2023
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server...
High
Unreviewed
CVE-2023-27979
was published
Mar 21, 2023
ProTip!
Advisories are also available from the
GraphQL API