GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
5,054 advisories
Insecure job execution mechanism vulnerability. This vulnerability can lead to other attacks as...
High | Unreviewed | CVE-2023-40061 was published Nov 1, 2023

SolarWinds Platform Incomplete List of Disallowed Inputs Remote Code Execution Vulnerability. If...
High | Unreviewed | CVE-2023-40062 was published Nov 1, 2023

Dolibarr Improper Input Validation vulnerability
High | CVE-2023-4197 was published for dolibarr/dolibarr (Composer) Nov 1, 2023

Kubernetes privilege escalation vulnerability
High | CVE-2023-3955 was published for k8s.io/kubernetes (Go) Oct 31, 2023

Kubernetes privilege escalation vulnerability
High | CVE-2023-3676 was published for k8s.io/kubernetes (Go) Oct 31, 2023

In Messaging, there is a possible way to disable the messaging application due to improper input...
High | Unreviewed | CVE-2023-21391 was published Oct 30, 2023

Rockwell Automation FactoryTalk View Site Edition insufficiently validates user input, which...
High | Unreviewed | CVE-2023-46289 was published Oct 27, 2023

Under certain conditions, Nessus Network Monitor was found to not properly enforce input...
High | Unreviewed | CVE-2023-5624 was published Oct 26, 2023

Ingress nginx annotation injection causes arbitrary command execution
High | CVE-2023-5043 was published for k8s.io/ingress-nginx (Go) Oct 25, 2023

Ingress-nginx code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation
High | CVE-2023-5044 was published for k8s.io/ingress-nginx (Go) Oct 25, 2023

Ingress-nginx path sanitization can be bypassed
High | CVE-2022-4886 was published for k8s.io/ingress-nginx (Go) Oct 25, 2023

Multiple vulnerabilities in the Zscaler Client Connector Installer and Uninstaller for Windows...
High | Unreviewed | CVE-2021-26736 was published Oct 23, 2023

Improper Input Validation vulnerability in Apache Traffic Server with malformed HTTP/2 frames...
High | Unreviewed | CVE-2023-39456 was published Oct 17, 2023

IBM Security Verify Privilege On-Premise 11.5 could allow an authenticated user to obtain...
High | Unreviewed | CVE-2021-29913 was published Oct 17, 2023

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of...
High | Unreviewed | CVE-2023-40372 was published Oct 17, 2023

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of...
High | Unreviewed | CVE-2023-40373 was published Oct 17, 2023

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of...
High | Unreviewed | CVE-2023-40374 was published Oct 17, 2023

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to...
High | Unreviewed | CVE-2023-30991 was published Oct 17, 2023

IBM Db2 for Linux, UNIX, and Windows (includes Db2 Connect Server) 11.5 is vulnerable to a denial...
High | Unreviewed | CVE-2023-38740 was published Oct 17, 2023

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is...
High | Unreviewed | CVE-2023-38728 was published Oct 17, 2023

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is...
High | Unreviewed | CVE-2023-30987 was published Oct 16, 2023

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 and 11.5 is vulnerable to...
High | Unreviewed | CVE-2023-38720 was published Oct 16, 2023

An Improper Input Validation vulnerability in the Packet Forwarding Engine of Juniper Networks...
High | Unreviewed | CVE-2023-44192 was published Oct 13, 2023

An Improper Input Validation vulnerability in the routing protocol daemon (rpd) of Juniper...
High | Unreviewed | CVE-2023-44185 was published Oct 13, 2023