GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,090
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
86,754 advisories
CVE-2017-16294 (High, Unreviewed, published Jan 12, 2023): Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ...
CVE-2023-22601 (High, Unreviewed, published Jan 13, 2023): InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version...
CVE-2017-16257 (High, Unreviewed, published Jan 12, 2023): Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ...
CVE-2017-16260 (High, Unreviewed, published Jan 12, 2023): Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ...
CVE-2023-22598 (High, Unreviewed, published Jan 13, 2023): InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version...
CVE-2022-42268 (High, Unreviewed, published Jan 13, 2023): Omniverse Kit contains a vulnerability in the reference applications Create, Audio2Face, Isaac...
CVE-2020-15643 (High, Unreviewed, published May 24, 2022): This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
CVE-2020-15645 (High, Unreviewed, published May 24, 2022): This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
CVE-2020-8026 (High, Unreviewed, published May 24, 2022): An Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2,...
CVE-2020-17505 (High, Unreviewed, published May 24, 2022): Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the...
CVE-2020-14349 (High, Unreviewed, published May 24, 2022): It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly...
CVE-2022-42283 (High, Unreviewed, published Jan 13, 2023): NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a...
CVE-2016-9919 (High, Unreviewed, published May 17, 2022): The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain...
CVE-2022-46463 (High, Unreviewed, published Jan 13, 2023): An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private...
CVE-2023-23595 (High, Unreviewed, published Jan 15, 2023): BlueCat Device Registration Portal 2.2 allows XXE attacks that exfiltrate single-line files. A...
CVE-2022-42287 (High, Unreviewed, published Jan 13, 2023): NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can upload and...
CVE-2022-42285 (High, Unreviewed, published Jan 13, 2023): DGX A100 SBIOS contains a vulnerability in the Pre-EFI Initialization (PEI) phase, where a...
CVE-2022-4327 (High, Unreviewed, published Jan 16, 2023): The Anti-Malware Security and Brute-Force Firewall WordPress plugin through 4.21.85 is prone to a...
CVE-2022-41860 (High, Unreviewed, published Jan 17, 2023): In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to...
CVE-2020-10230 (High, Unreviewed, published May 24, 2022): CentOS-WebPanel.com (aka CWP) CentOS Web Panel (for CentOS 6 and 7) allows SQL Injection via the ...
CVE-2020-15420 (High, Unreviewed, published May 24, 2022): This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
CVE-2020-15613 (High, Unreviewed, published May 24, 2022): This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
CVE-2020-15432 (High, Unreviewed, published May 24, 2022): This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
CVE-2020-15620 (High, Unreviewed, published May 24, 2022): This vulnerability allows remote attackers to disclose sensitive information on affected...
CVE-2020-15616 (High, Unreviewed, published May 24, 2022): This vulnerability allows remote attackers to disclose sensitive information on affected...
ProTip! Advisories are also available from the GraphQL API.