GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,640
Maven: 5,000+
npm: 4,265
NuGet: 760
pip: 4,061
Pub: 12
RubyGems: 956
Rust: 1,057
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,094 advisories
An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the...
Moderate
Unreviewed
CVE-2023-49555 was published Jan 3, 2024
An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the...
Moderate
Unreviewed
CVE-2023-49557 was published Jan 3, 2024
An issue was discovered in open5gs v2.6.6. SIGPIPE can be used to crash AMF.
High
Unreviewed
CVE-2023-50020 was published Jan 3, 2024
An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs...
High
Unreviewed
CVE-2023-49550 was published Jan 3, 2024
An issue was discovered in open5gs v2.6.6. InitialUEMessage, Registration request sent at a...
Moderate
Unreviewed
CVE-2023-50019 was published Jan 3, 2024
Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due...
Moderate
Unreviewed
CVE-2023-26157 was published Jan 2, 2024
An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF...
Moderate
Unreviewed
CVE-2023-6228 was published Dec 28, 2023
A vulnerable API method in M-Files Server before 23.12.13195.0 allows for uncontrolled resource...
Moderate
Unreviewed
CVE-2023-6910 was published Dec 20, 2023
Through the exploitation of active user sessions, an attacker could send custom requests to...
Critical
Unreviewed
CVE-2023-50707 was published Dec 20, 2023
An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows...
High
Unreviewed
CVE-2023-41151 was published Dec 14, 2023
Denial-of-service (DoS) vulnerability exists in rfe service of HMI GC-A2 series. If a remote...
High
Unreviewed
CVE-2023-49143 was published Dec 12, 2023
Denial-of-service (DoS) vulnerability exists in NetBIOS service of HMI GC-A2 series. If a remote...
High
Unreviewed
CVE-2023-49713 was published Dec 12, 2023
Denial-of-service (DoS) vulnerability exists in commplex-link service of HMI GC-A2 series. If a...
High
Unreviewed
CVE-2023-49140 was published Dec 12, 2023
Denial-of-service (DoS) vulnerability exists in FTP service of HMI GC-A2 series. If a remote...
High
Unreviewed
CVE-2023-41963 was published Dec 12, 2023
Mattermost fails to handle a null request body in the /add endpoint, allowing a simple member to...
Moderate
Unreviewed
CVE-2023-49809 was published Dec 12, 2023
Mattermost fails to check the length when setting the title in a run checklist in Playbooks,...
Moderate
Unreviewed
CVE-2023-45847 was published Dec 12, 2023
SAP Cloud Connector - version 2.0, allows an authenticated user with low privilege to perform...
Low
Unreviewed
CVE-2023-49578 was published Dec 12, 2023
A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background...
Low
Unreviewed
CVE-2023-5870 was published Dec 10, 2023
Under certain circumstances, invalid authentication credentials could be sent to the login...
High
Unreviewed
CVE-2023-4486 was published Dec 7, 2023
Uncontrolled Resource Consumption vulnerability in Saturday Drive Ninja Forms Contact Form – The...
Moderate
Unreviewed
CVE-2023-35909 was published Dec 7, 2023
A lack of rate limiting in pjActionAjaxSend in Appointment Scheduler 3.0 allows attackers to...
High
Unreviewed
CVE-2023-48840 was published Dec 7, 2023
A lack of rate limiting in pjActionAJaxSend in Time Slots Booking Calendar 4.0 allows attackers...
High
Unreviewed
CVE-2023-48833 was published Dec 7, 2023
A lack of rate limiting in pjActionAJaxSend in Availability Booking Calendar 5.0 allows attackers...
High
Unreviewed
CVE-2023-48831 was published Dec 7, 2023
A lack of rate limiting in pjActionAjaxSend in Car Rental v3.0 allows attackers to cause resource...
High
Unreviewed
CVE-2023-48834 was published Dec 7, 2023
Dell OS10 Networking Switches running 10.5.2.x and above contain an Uncontrolled Resource...
High
Unreviewed
CVE-2023-39248 was published Dec 5, 2023
ProTip! Advisories are also available from the GraphQL API.