Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

5,055 advisories

Loading
Possible image tampering from missing image validation for Packages High
CVE-2023-38495 was published for github.com/crossplane/crossplane (Go) Jul 28, 2023
AdamKorcz DavidKorczynski
phisco
Credited to AdamKorcz, DavidKorczynski, and phisco
Interactive Forms (IAF) in GX Software XperienCentral versions 10.33.1 until 10.35.0 was... High Unreviewed
CVE-2022-43713 was published Jul 26, 2023
Local user may lead to privilege escalation using Gaia Portal hostnames page. High Unreviewed
CVE-2023-28130 was published Jul 26, 2023
A vulnerability exists in the HCI IEC 60870-5-104 function included in certain versions of the... High Unreviewed
CVE-2022-2502 was published Jul 26, 2023
Improper Input Validation vulnerability in the ContentType parameter for attachments on... High Unreviewed
CVE-2023-38060 was published Jul 24, 2023
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3... High Unreviewed
CVE-2023-28513 was published Jul 19, 2023
If a TLS 1.3 client gets neither a PSK (pre shared key) extension nor a KSE (key share extension)... High Unreviewed
CVE-2023-3724 was published Jul 18, 2023
Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash... High Unreviewed
CVE-2023-29451 was published Jul 13, 2023
Apache Airflow Apache Hive Provider Improper Input Validation vulnerability High
CVE-2023-37415 was published for apache-airflow-providers-apache-hive (pip) Jul 13, 2023
In onCreate of ConfirmDialog.java, there is a possible way to connect to VNP bypassing user's... High Unreviewed
CVE-2023-21251 was published Jul 13, 2023
Apache Airflow Improper Input Validation vulnerability High
CVE-2023-22888 was published for apache-airflow (pip) Jul 12, 2023
Apache Airflow Improper Input Validation vulnerability High
CVE-2023-36543 was published for apache-airflow (pip) Jul 12, 2023
Improper input validation in the Zoom Desktop Client for Windows before version 5.15.0 may allow... High Unreviewed
CVE-2023-34116 was published Jul 11, 2023
A vulnerability has been identified in SiPass integrated (All versions < V2.90.3.8). Affected... High Unreviewed
CVE-2022-31810 was published Jul 11, 2023
A security defect was identified that enabled a user of Foundry Issues to perform a Denial of... High Unreviewed
CVE-2023-22835 was published Jul 10, 2023
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is... High Unreviewed
CVE-2023-30449 was published Jul 10, 2023
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is... High Unreviewed
CVE-2023-30447 was published Jul 10, 2023
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 federated server... High Unreviewed
CVE-2023-30442 was published Jul 10, 2023
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is... High Unreviewed
CVE-2023-30446 was published Jul 10, 2023
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is... High Unreviewed
CVE-2023-30448 was published Jul 10, 2023
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is... High Unreviewed
CVE-2023-30445 was published Jul 10, 2023
An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time... High Unreviewed
CVE-2023-31161 was published Jul 6, 2023
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘pivot’ search processing... High Unreviewed
CVE-2023-22934 was published Jul 6, 2023
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘display.page.search.patterns... High Unreviewed
CVE-2023-22935 was published Jul 6, 2023
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘map’ search processing... High Unreviewed
CVE-2023-22939 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database