Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

915 advisories

Loading
Apache Airflow Hive Provider Beeline remote code execution with Principal Critical
CVE-2023-35797 was published for apache-airflow-providers-apache-hive (pip) Jul 3, 2023
A improper input validation vulnerability exists in Ivanti Endpoint Manager 2022 and below that... Critical Unreviewed
CVE-2023-28324 was published Jul 1, 2023
Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication... Critical Unreviewed
CVE-2023-20105 was published Jun 28, 2023
Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication... Critical Unreviewed
CVE-2023-20192 was published Jun 28, 2023
XSS vulnerability from InstantPlay in Galaxy Store prior to version 4.5.49.8 allows attackers to... Critical Unreviewed
CVE-2023-21516 was published May 27, 2023
Ckan remote code execution and private information access via crafted resource ids Critical
CVE-2023-32321 was published for ckan (pip) May 24, 2023
YoloClin
Credited to YoloClin
Apache Sling Commons JSON bundle vulnerable to Improper Input Validation Critical
CVE-2022-47937 was published for org.apache.sling:org.apache.sling.commons.json (Maven) May 15, 2023
Insufficient input validation in the SMU may allow an attacker to corrupt SMU SRAM potentially... Critical Unreviewed
CVE-2021-46762 was published May 9, 2023
Insufficient input validation in the ASP (AMD Secure Processor) bootloader may allow an attacker... Critical Unreviewed
CVE-2021-46754 was published May 9, 2023
Insufficient validation of inputs in SVC_MAP_USER_STACK in the ASP (AMD Secure Processor)... Critical Unreviewed
CVE-2021-46756 was published May 9, 2023
Django bypasses validation when using one form field to upload multiple files Critical
CVE-2023-31047 was published for Django (pip) May 7, 2023
Potential buffer overflow vulnerability in mm_LteInterRatManagement.c in Shannon baseband prior... Critical Unreviewed
CVE-2023-21503 was published May 4, 2023
Potential buffer overflow vulnerability in mm_Plmncoordination.c in Shannon baseband prior to SMR... Critical Unreviewed
CVE-2023-21504 was published May 4, 2023
Potential buffer overflow vulnerability in auth api in mm_Authentication.c in Shannon baseband... Critical Unreviewed
CVE-2023-21494 was published May 4, 2023
An issue was discovered in ONOS 2.5.1. An intent with a large port number shows the CORRUPT state... Critical Unreviewed
CVE-2022-29606 was published Apr 20, 2023
memory corruption in modem due to improper check while calculating size of serialized CoAP message Critical Unreviewed
CVE-2022-33211 was published Apr 13, 2023
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2 of 4). Critical Unreviewed
CVE-2023-26068 was published Apr 10, 2023
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 4 of 4). Critical Unreviewed
CVE-2023-26070 was published Apr 10, 2023
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 3 of 4). Critical Unreviewed
CVE-2023-26069 was published Apr 10, 2023
Microsoft Outlook Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2023-23397 was published Mar 14, 2023
The Samsung Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T512... Critical Unreviewed
CVE-2023-24033 was published Mar 13, 2023
An issue found in Peacexie Imcat v5.4 allows attackers to execute arbitrary code via the... Critical Unreviewed
CVE-2021-35370 was published Feb 24, 2023
Apache Airflow Sqoop Provider Improper Input Validation vulnerability Critical
CVE-2023-25693 was published for apache-airflow-providers-apache-sqoop (pip) Feb 24, 2023
Apache Airflow Google Provider Improper Input Validation vulnerability Critical
CVE-2023-25691 was published for apache-airflow-providers-google (pip) Feb 24, 2023
Apache Airflow Hive Provider Improper Input Validation vulnerability Critical
CVE-2023-25696 was published for apache-airflow-providers-apache-hive (pip) Feb 24, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database