GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,748
Maven
4,978
npm
3,509
NuGet
609
pip
3,075
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+
33 advisories
Filter by severity
IBM Security Verify Access 10.0.0.0 through 10.0.7.1, under certain configurations, could allow...
Moderate
Unreviewed
CVE-2024-31883
was published
Jun 27, 2024
An improper check or handling of exceptional conditions vulnerability [CWE-703] in Fortinet...
Moderate
Unreviewed
CVE-2024-26007
was published
May 14, 2024
Kubelet Incorrect Privilege Assignment
Moderate
CVE-2019-11245
was published
for
k8s.io/kubernetes/cmd/kubelet
(Go)
Apr 24, 2024
An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding...
Moderate
Unreviewed
CVE-2024-21593
was published
Apr 12, 2024
HashiCorpVault does not correctly validate OCSP responses
Moderate
CVE-2024-2660
was published
for
github.com/hashicorp/vault
(Go)
Apr 4, 2024
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could...
High
Unreviewed
CVE-2023-34348
was published
Jan 18, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper DHCP Daemon ...
Moderate
Unreviewed
CVE-2023-36842
was published
Jan 12, 2024
Rust EVM erroneousle handles `record_external_operation` error return
Moderate
CVE-2024-21629
was published
for
evm
(Rust)
Jan 3, 2024
An improper handling of a malformed API answer packets to API clients in Bosch BT software...
Moderate
Unreviewed
CVE-2023-35867
was published
Dec 22, 2023
An improper handling of a malformed API request to an API server in Bosch BT software products...
High
Unreviewed
CVE-2023-32230
was published
Dec 22, 2023
A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct...
Moderate
Unreviewed
CVE-2023-5090
was published
Nov 6, 2023
Apollo Router vulnerable to Improper Check or Handling of Exceptional Conditions
High
CVE-2023-45812
was published
for
apollo-router
(Rust)
Oct 19, 2023
An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding...
Moderate
Unreviewed
CVE-2023-44203
was published
Oct 13, 2023
Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola...
High
Unreviewed
CVE-2023-23774
was published
Aug 29, 2023
An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash,...
Unknown
Unreviewed
CVE-2023-3774
was published
Jul 28, 2023
An Improper Check or Handling of Exceptional Conditions vulnerability in the Layer-2 control...
Moderate
Unreviewed
CVE-2023-36849
was published
Jul 14, 2023
An Improper Check or Handling of Exceptional Conditions vulnerability in the UTM (Unified Threat...
High
Unreviewed
CVE-2023-36831
was published
Jul 14, 2023
VTAdmin users that can create shards can deny access to other functions
Moderate
CVE-2023-29195
was published
for
vitess.io/vitess
(Go)
May 11, 2023
NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware,...
High
Unreviewed
CVE-2023-0204
was published
Apr 22, 2023
An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing on the...
Moderate
Unreviewed
CVE-2023-28970
was published
Apr 18, 2023
An Improper Check or Handling of Exceptional Conditions within the storm control feature of...
High
Unreviewed
CVE-2023-28965
was published
Apr 18, 2023
An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing of...
Moderate
Unreviewed
CVE-2023-28959
was published
Apr 18, 2023
A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an...
Moderate
Unreviewed
CVE-2023-0004
was published
Apr 12, 2023
vitess allows users to create keyspaces that can deny access to already existing keyspaces
Moderate
CVE-2023-29194
was published
for
vitess.io/vitess
(Go)
Apr 11, 2023
nadesiko3 allows remote attacker to inject invalid value to decodeURIComponent of nako3edit
Moderate
CVE-2022-41777
was published
for
nadesiko3
(npm)
Dec 5, 2022
ProTip!
Advisories are also available from the
GraphQL API