GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,094 advisories
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, 11.5 is vulnerable...
Moderate | Unreviewed | CVE-2023-40692 was published Dec 4, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 10.5 before 16.4.3...
Moderate | Unreviewed | CVE-2023-4912 was published Dec 1, 2023
A vulnerability of Uncontrolled Resource Consumption has been identified in STARDOM provided by...
Moderate | Unreviewed | CVE-2023-5915 was published Dec 1, 2023
An issue in the box_equal function in openlink virtuoso-opensource v7.2.11 allows attackers to...
High | Unreviewed | CVE-2023-48951 was published Nov 29, 2023
A flaw was found in libnbd, due to a malicious Network Block Device (NBD), a protocol for...
Moderate | Unreviewed | CVE-2023-5871 was published Nov 27, 2023
An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen() API may...
High | Unreviewed | CVE-2023-6277 was published Nov 24, 2023
A possibility of unwanted server memory consumption was detected through the obsolete...
Moderate | Unreviewed | CVE-2023-6117 was published Nov 22, 2023
An issue was discovered in the captive portal in OpenNDS before version 10.1.3. It has multiple...
High | Unreviewed | CVE-2023-41102 was published Nov 17, 2023
Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the BLE daemon service accessed...
High | Unreviewed | CVE-2023-45622 was published Nov 15, 2023
When a specific component is loaded a local attacker and is able to send a specially crafted...
High | Unreviewed | CVE-2023-38043 was published Nov 15, 2023
Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed via the...
High | Unreviewed | CVE-2023-45621 was published Nov 15, 2023
Uncontrolled resource consumption in Zoom Team Chat for Zoom Desktop Client for Windows and Zoom...
Moderate | Unreviewed | CVE-2023-39203 was published Nov 15, 2023
Uncontrolled resource consumption in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may...
Moderate | Unreviewed | CVE-2023-25949 was published Nov 14, 2023
Visual Studio Denial of Service Vulnerability
Moderate | Unreviewed | CVE-2023-36042 was published Nov 14, 2023
A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE...
Moderate | Unreviewed | CVE-2023-44321 was published Nov 14, 2023
IBM AIX's 7.3 Python implementation could allow a non-privileged local user to exploit a...
Moderate | Unreviewed | CVE-2023-45167 was published Nov 10, 2023
In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the...
High | Unreviewed | CVE-2023-5759 was published Nov 8, 2023
In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the...
High | Unreviewed | CVE-2023-45319 was published Nov 8, 2023
In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the...
High | Unreviewed | CVE-2023-35767 was published Nov 8, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.3 before 16...
Moderate | Unreviewed | CVE-2023-3909 was published Nov 6, 2023
An issue has been discovered in GitLab EE/CE affecting all versions starting before 16.3.6, all...
Moderate | Unreviewed | CVE-2023-3246 was published Nov 6, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.2 before 16...
Moderate | Unreviewed | CVE-2023-5825 was published Nov 6, 2023
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used...
Moderate | Unreviewed | CVE-2023-42669 was published Nov 6, 2023
A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC...
Moderate | Unreviewed | CVE-2023-42670 was published Nov 3, 2023
Connections to external data sources, like e-mail autoconfiguration, were not terminated in case...
Moderate | Unreviewed | CVE-2023-29046 was published Nov 2, 2023
ProTip! Advisories are also available from the GraphQL API.