GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
3,038 advisories
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.3 before 16...
Moderate | Unreviewed | CVE-2023-3909 was published Nov 6, 2023
An issue has been discovered in GitLab EE/CE affecting all versions starting before 16.3.6, all...
Moderate | Unreviewed | CVE-2023-3246 was published Nov 6, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.2 before 16...
Moderate | Unreviewed | CVE-2023-5825 was published Nov 6, 2023
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used...
Moderate | Unreviewed | CVE-2023-42669 was published Nov 6, 2023
A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC...
Moderate | Unreviewed | CVE-2023-42670 was published Nov 3, 2023
Django Denial-of-service in django.utils.text.Truncator
High | CVE-2023-43665 was published for Django (pip) Nov 3, 2023
Pillow Denial of Service vulnerability
High | CVE-2023-44271 was published for pillow (pip) Nov 3, 2023
Django Denial of service vulnerability in django.utils.encoding.uri_to_iri
Moderate | CVE-2023-41164 was published for django (pip) Nov 3, 2023
Connections to external data sources, like e-mail autoconfiguration, were not terminated in case...
Moderate | Unreviewed | CVE-2023-29046 was published Nov 2, 2023
Mattermost fails to properly validate a RegExp built off the server URL path, allowing an...
Low | Unreviewed | CVE-2023-5876 was published Nov 2, 2023
Django potential denial of service vulnerability in UsernameField on Windows
High | CVE-2023-46695 was published for Django (pip) Nov 2, 2023
A vulnerability in a logging API in Cisco Firepower Management Center (FMC) Software could allow...
High | Unreviewed | CVE-2023-20155 was published Nov 1, 2023
A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch...
Moderate | Unreviewed | CVE-2023-5625 was published Nov 1, 2023
Uncontrolled resource consumption vulnerability in Cybozu Remote Service 4.1.0 to 4.1.1 allows a...
Moderate | Unreviewed | CVE-2023-46278 was published Nov 1, 2023
An issue in TP-Link Tapo C100 v1.1.15 Build 211130 Rel.15378n(4555) and before allows attackers...
Moderate | Unreviewed | CVE-2023-39610 was published Oct 31, 2023
In certain conditions for Calico Typha (v3.26.2, v3.25.1 and below), and Calico Enterprise Typha ...
Unknown | Unreviewed | CVE-2023-41377 was published Oct 31, 2023
An issue discovered in Nanoleaf Light strip v3.5.10 allows attackers to cause a denial of service...
High | Unreviewed | CVE-2023-45955 was published Oct 31, 2023
Artifex Software jbig2dec v0.20 was discovered to contain a SEGV vulnerability via jbig2_error at...
Moderate | Unreviewed | CVE-2023-46361 was published Oct 31, 2023
An issue discovered in Govee LED Strip v3.00.42 allows attackers to cause a denial of service via...
High | Unreviewed | CVE-2023-45956 was published Oct 31, 2023
memory leak flaw was found in ruby-magick
Moderate | CVE-2023-5349 was published for rmagick (RubyGems) Oct 30, 2023
In Minikin, there is a possible way to trigger ANR by showing a malicious message due to resource...
High | Unreviewed | CVE-2023-21339 was published Oct 30, 2023
Elasticsearch vulnerable to Uncontrolled Resource Consumption
High | CVE-2023-31418 was published for org.elasticsearch:elasticsearch (Maven) Oct 26, 2023
An inconsistent user interface issue was addressed with improved state management. This issue is...
Moderate | Unreviewed | CVE-2023-40408 was published Oct 25, 2023
Drivers are not always robust to extremely large draw calls and in some cases this scenario could...
High | Unreviewed | CVE-2023-5724 was published Oct 25, 2023
PingFederate Administrative Console dependency contains a weakness where console becomes...
High | Unreviewed | CVE-2023-39219 was published Oct 25, 2023
ProTip! Advisories are also available from the GraphQL API.