Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,265
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

5,055 advisories

Loading
Woodpecker does not validate webhook before changing any data High
CVE-2023-40034 was published for github.com/woodpecker-ci/woodpecker (Go) Aug 16, 2023
anbraten 6543
Credited to anbraten and 6543
Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed... High Unreviewed
CVE-2023-4357 was published Aug 15, 2023
In readFrom of Uri.java, there is a possible bad URI permission grant due to improper input... High Unreviewed
CVE-2023-21272 was published Aug 15, 2023
Vulnerability of input parameter verification in certain APIs in the window management module.... High Unreviewed
CVE-2023-39404 was published Aug 13, 2023
Vulnerability of input parameters being not strictly verified in the PMS module. Successful... High Unreviewed
CVE-2023-39386 was published Aug 13, 2023
Vulnerability of input parameter verification in certain APIs in the window management module.... High Unreviewed
CVE-2023-39390 was published Aug 13, 2023
Input verification vulnerability in the storage module. Successful exploitation of this... High Unreviewed
CVE-2023-39381 was published Aug 13, 2023
Input verification vulnerability in the audio module. Successful exploitation of this... High Unreviewed
CVE-2023-39382 was published Aug 13, 2023
Vulnerability of input parameters being not strictly verified in the PMS module. Successful... High Unreviewed
CVE-2023-39388 was published Aug 13, 2023
Vulnerability of input parameters being not strictly verified in the PMS module. Successful... High Unreviewed
CVE-2023-39389 was published Aug 13, 2023
apache-airflow-providers-apache-drill Improper Input Validation vulnerability High
CVE-2023-39553 was published for apache-airflow-providers-apache-drill (pip) Aug 11, 2023
Improper input validation for the Intel(R) Easy Streaming Wizard software may allow an... High Unreviewed
CVE-2023-26587 was published Aug 11, 2023
Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability... High Unreviewed
CVE-2022-36392 was published Aug 11, 2023
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a... High Unreviewed
CVE-2022-44611 was published Aug 11, 2023
Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may... High Unreviewed
CVE-2022-38076 was published Aug 11, 2023
An attacker can send a specially crafted message to the Wavelink Avalanche Manager, which could... High Unreviewed
CVE-2023-32560 was published Aug 10, 2023
Parcel mismatch in AuthenticationConfig prior to SMR Aug-2023 Release 1 allows local attacker to... High Unreviewed
CVE-2023-30691 was published Aug 10, 2023
lol-html panics on certain HTML inputs High
CVE-2023-4241 was published for lol-html (Rust) Aug 9, 2023
Improper input validation vulnerability on the range header in Apache Software Foundation Apache... High Unreviewed
CVE-2022-47185 was published Aug 9, 2023
import-in-the-middle has unsanitized user controlled input in module generation High
CVE-2023-38704 was published for import-in-the-middle (npm) Aug 8, 2023
Denial of service in jackson-dataformat-toml High
CVE-2023-3894 was published for com.fasterxml.jackson.dataformat:jackson-dataformat-toml (Maven) Aug 8, 2023
Mochis ryanmurf
Credited to Mochis and ryanmurf
Improper input validation in Zoom SDK’s before 5.14.10 may allow an unauthenticated user to... High Unreviewed
CVE-2023-39217 was published Aug 8, 2023
Microsoft Message Queuing Denial of Service Vulnerability High Unreviewed
CVE-2023-36912 was published Aug 8, 2023
Memory corruption in Trusted Execution Environment while calling service API with invalid address. High Unreviewed
CVE-2023-21627 was published Aug 8, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16... High Unreviewed
CVE-2023-3900 was published Aug 2, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database