GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,967
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,075
Pub: 10
RubyGems: 832
Rust: 781
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
93,430 advisories
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists...
High | Unreviewed | CVE-2022-43377 was published Jul 6, 2023
A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can force an Out-of...
High | Unreviewed | CVE-2023-27912 was published Jul 6, 2023
Insecure Storage of Sensitive Information vulnerability in Jose Mortellaro Freesoul Deactivate...
High | Unreviewed | CVE-2023-22687 was published Jul 6, 2023
Mattermost fails to redact from audit logs the user password during user creation and the user...
High | Unreviewed | CVE-2023-1831 was published Jul 6, 2023
An Out-Of-Bounds Write Vulnerability in Autodesk® FBX® SDK version 2020 or prior may lead to code...
High | Unreviewed | CVE-2023-27909 was published Jul 6, 2023
A user may be tricked into opening a malicious FBX file that may exploit a heap buffer overflow...
High | Unreviewed | CVE-2023-27911 was published Jul 6, 2023
A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 could lead to memory...
High | Unreviewed | CVE-2023-27915 was published Jul 6, 2023
A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 could lead to memory...
High | Unreviewed | CVE-2023-29067 was published Jul 6, 2023
Arbitrary file reading vulnerability in Apache Software Foundation Apache OFBiz when using the...
High | Unreviewed | CVE-2022-47501 was published Jul 6, 2023
A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can be used to cause...
High | Unreviewed | CVE-2023-27913 was published Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Kilian Evang Ultimate Noindex Nofollow Tool II...
High | Unreviewed | CVE-2023-30474 was published Jul 6, 2023
Auth. (admin+) SQL Injection (SQLi) vulnerability in TransbankDevelopers Transbank Webpay REST...
High | Unreviewed | CVE-2023-27610 was published Jul 6, 2023
A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can be used to write...
High | Unreviewed | CVE-2023-27914 was published Jul 6, 2023
cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity (XXE)...
High | Unreviewed | CVE-2022-38840 was published Jul 6, 2023
A user may be tricked into opening a malicious FBX file that may exploit a stack buffer overflow...
High | Unreviewed | CVE-2023-27910 was published Jul 6, 2023
Due to missing authentication and insufficient input validation, the OSCommand Bridge of SAP...
High | Unreviewed | CVE-2023-27267 was published Jul 6, 2023
ToolboxST prior to version 7.10 is affected by a deserialization vulnerability. An attacker with...
High | Unreviewed | CVE-2023-1552 was published Jul 6, 2023
Multiple vulnerabilities including an incorrect permission assignment for critical resource [CWE...
High | Unreviewed | CVE-2022-43946 was published Jul 6, 2023
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet...
High | Unreviewed | CVE-2022-43947 was published Jul 6, 2023
Hitachi Vantara Pentaho Business Analytics Server versions before 9.3.0.0, 9.2.0.4 and 8.3.0.27...
High | Unreviewed | CVE-2022-43770 was published Jul 6, 2023
A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be...
High | Unreviewed | CVE-2023-1829 was published Jul 6, 2023
Auth. SQL Injection') vulnerability in Kunal Nagar Custom 404 Pro plugin <= 3.7.0 versions.
High | Unreviewed | CVE-2022-47605 was published Jul 6, 2023
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in...
High | Unreviewed | CVE-2022-40679 was published Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in WP OnlineSupport, Essential Plugin Popup...
High | Unreviewed | CVE-2022-38077 was published Jul 6, 2023
In JetBrains IntelliJ IDEA before 2023.1 in some cases, Gradle and Maven projects could be...
High | Unreviewed | CVE-2022-48431 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API.