Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

915 advisories

Loading
Input verification vulnerability in the fingerprint module. Successful exploitation of this... Critical Unreviewed
CVE-2022-48605 was published Sep 25, 2023
NVIDIA DGX H100 BMC contains a vulnerability in the REST service, where an attacker may cause... Critical Unreviewed
CVE-2023-31009 was published Sep 20, 2023
NVIDIA DGX H100 BMC contains a vulnerability in the web UI, where an attacker may cause improper... Critical Unreviewed
CVE-2023-25533 was published Sep 20, 2023
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input... Critical Unreviewed
CVE-2023-25534 was published Sep 20, 2023
NVIDIA DGX H100 BMC contains a vulnerability in the KVM service, where an attacker may cause... Critical Unreviewed
CVE-2023-25530 was published Sep 20, 2023
Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page... Critical Unreviewed
CVE-2023-3710 was published Sep 12, 2023
Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2023-29332 was published Sep 12, 2023
Rockwell Automation FactoryTalk View Machine Edition on the PanelView Plus, improperly verifies... Critical Unreviewed
CVE-2023-2071 was published Sep 12, 2023
Magento affected by remote code execution vulnerability in the CMS page scheduled update feature Critical
CVE-2021-36021 was published for magento/community-edition (Composer) Sep 6, 2023
Improper input validation vulnerability in Samsung Health prior to version 6.24.2.011 allows... Critical Unreviewed
CVE-2023-30723 was published Sep 6, 2023
Apache Axis 1.x (EOL) may allow RCE when untrusted input is passed to getService Critical
CVE-2023-40743 was published for axis:axis (Maven) Sep 5, 2023
jkmartindale ebickle
Credited to jkmartindale and ebickle
Due to improper input validation, a remote attacker could execute arbitrary commands on the... Critical Unreviewed
CVE-2023-25915 was published Aug 21, 2023
The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation... Critical Unreviewed
CVE-2023-2915 was published Aug 17, 2023
The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation... Critical Unreviewed
CVE-2023-2917 was published Aug 17, 2023
Vulnerability of out-of-bounds parameter read/write in the Wi-Fi module. Successful exploitation... Critical Unreviewed
CVE-2023-39405 was published Aug 13, 2023
SES's dynamic import and spread operator provides possible path to arbitrary exfiltration and execution Critical
CVE-2023-39532 was published for ses (npm) Aug 9, 2023
corrideat
Credited to corrideat
Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.This... Critical Unreviewed
CVE-2023-33934 was published Aug 9, 2023
Improper input validation in Zoom Desktop Client for Windows before 5.14.7 may allow an... Critical Unreviewed
CVE-2023-39216 was published Aug 8, 2023
Improper Input Validation vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise,... Critical Unreviewed
CVE-2023-0636 was published Jul 6, 2023
A remote command injection vulnerability exists in the Barracuda Email Security Gateway ... Critical Unreviewed
CVE-2023-2868 was published Jul 6, 2023
Security vulnerability in Apache bRPC <1.5.0 on all platforms allows attackers to execute... Critical Unreviewed
CVE-2023-31039 was published Jul 6, 2023
Apache StreamPark Improper Input Validation vulnerability Critical
CVE-2022-46365 was published for org.apache.streampark:streampark (Maven) Jul 6, 2023
White Rabbit Switch contains a vulnerability which makes it possible for an attacker to perform... Critical Unreviewed
CVE-2023-22581 was published Jul 6, 2023
Elsight – Elsight Halo Remote Code Execution (RCE) Elsight Halo web panel allows us to perform... Critical Unreviewed
CVE-2022-36784 was published Jul 6, 2023
Weak Configuration due to improper input validation in Modem while processing LTE security mode... Critical Unreviewed
CVE-2023-21631 was published Jul 4, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database