GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,645
Maven: 5,000+
npm: 4,271
NuGet: 760
pip: 4,065
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,094 advisories

An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.0.8,...
High, Unreviewed. CVE-2023-0632 was published Aug 2, 2023.

PTC’s KEPServerEX Versions 6.0 to 6.14.263 are vulnerable to being made to read a recursively...
High, Unreviewed. CVE-2023-3825 was published Aug 1, 2023.

A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a...
Moderate, Unreviewed. CVE-2023-34872 was published Jul 31, 2023.

DoS of the OkHttp client when using a BrotliInterceptor and surfing to a malicious web server, or...
Moderate, Unreviewed. CVE-2023-3782 was published Jul 19, 2023.

ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the...
Moderate, Unreviewed. CVE-2023-37143 was published Jul 18, 2023.

ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the...
Moderate, Unreviewed. CVE-2023-37142 was published Jul 18, 2023.

ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the...
Moderate, Unreviewed. CVE-2023-37141 was published Jul 18, 2023.

ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the...
Moderate, Unreviewed. CVE-2023-37140 was published Jul 18, 2023.

The Rockwell Automation Kinetix 5700 DC Bus Power Supply Series A is vulnerable to CIP fuzzing. ...
High, Unreviewed. CVE-2023-2263 was published Jul 18, 2023.

An issue was discovered in ngiflib 0.4. There is SEGV in SDL_LoadAnimatedGif when use SDLaffgif....
Moderate, Unreviewed. CVE-2022-30858 was published Jul 17, 2023.

Mattermost Boards fail to properly validate a board link, allowing an attacker to crash a channel...
Moderate, Unreviewed. CVE-2023-3585 was published Jul 17, 2023.

Mattermost fails to properly validate a gif image file, allowing an attacker to consume a...
Low, Unreviewed. CVE-2023-3614 was published Jul 17, 2023.

Mattermost fails to properly validate markdown, allowing an attacker to crash the server via a...
Moderate, Unreviewed. CVE-2023-3593 was published Jul 17, 2023.

A vulnerability has been found in OmniSharp csharp-language-server-protocol up to 0.19.6 and...
Low, Unreviewed. CVE-2022-4952 was published Jul 17, 2023.

Controller DoS due to buffer overflow in the handling of a specially crafted message received by...
High, Unreviewed. CVE-2023-26597 was published Jul 13, 2023.

JavaScript preprocessing, webhooks and global scripts can cause uncontrolled CPU, memory, and...
Moderate, Unreviewed. CVE-2023-29449 was published Jul 13, 2023.

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.3 before 15...
High, Unreviewed. CVE-2023-3424 was published Jul 13, 2023.

In Policy of Policy.java, there is a possible boot loop due to resource exhaustion. This could...
Moderate, Unreviewed. CVE-2023-21240 was published Jul 13, 2023.

An issue discovered in MikroTik Router v6.46.3 and earlier allows attacker to cause denial of...
High, Unreviewed. CVE-2020-20021 was published Jul 12, 2023.

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S ...
High, Unreviewed. CVE-2023-35920 was published Jul 11, 2023.

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S ...
High, Unreviewed. CVE-2023-35921 was published Jul 11, 2023.

When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase...
Moderate, Unreviewed. CVE-2023-24594 was published Jul 6, 2023.

AnyDesk 7.0.8 allows remote Denial of Service.
High, Unreviewed. CVE-2023-26509 was published Jul 3, 2023.

A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6...
Moderate, Unreviewed. CVE-2023-1206 was published Jul 1, 2023.

In list_key_entries of utils.rs, there is a possible way to disable user credentials due to...
Moderate, Unreviewed. CVE-2023-21176 was published Jun 28, 2023.

ProTip! Advisories are also available from the GraphQL API.