Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

58 advisories

Loading
The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS... High Unreviewed
CVE-2018-19322 was published May 13, 2022
Cobbler has Exposed Dangerous Method or Function Critical
CVE-2018-10931 was published for cobbler (pip) May 13, 2022
An issue was discovered in app/Model/Attribute.php in MISP before 2.4.89. There is a critical API... Moderate Unreviewed
CVE-2018-8949 was published May 14, 2022
TIT-AL00 smartphones with software versions earlier before TIT-AL00C583B214 have a exposed system... High Unreviewed
CVE-2017-2735 was published May 17, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 could allow an... Moderate Unreviewed
CVE-2019-4386 was published May 24, 2022
An RCE (Remote Code Execution) vulnerability exists in the UCS software through 6.0.0 used by... High Unreviewed
CVE-2019-12948 was published May 24, 2022
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR... High Unreviewed
CVE-2019-18342 was published May 24, 2022
This vulnerability allows remote attackers to write arbitrary files on affected installations of... High Unreviewed
CVE-2020-15623 was published May 24, 2022
A user authorized to perform database queries may trigger denial of service by issuing specially... Moderate Unreviewed
CVE-2019-20923 was published May 24, 2022
xwiki contains Exposed Dangerous Method or Function Moderate
CVE-2023-26478 was published for org.xwiki.platform:xwiki-platform-store-filesystem-oldcore (Maven) Mar 3, 2023
This vulnerability allows remote attackers to bypass authentication on affected installations of... Critical Unreviewed
CVE-2022-36983 was published Mar 29, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2022-37365 was published Mar 29, 2023
In JetBrains TeamCity before 2023.05 a specific endpoint was vulnerable to brute force attacks High Unreviewed
CVE-2023-34227 was published May 31, 2023
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050... Moderate Unreviewed
CVE-2023-33921 was published Jun 13, 2023
?In Keysight Geolocation Server v2.4.2 and prior, a low privileged attacker could create a... High Unreviewed
CVE-2023-36853 was published Jul 20, 2023
Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated... High Unreviewed
CVE-2023-39214 was published Aug 9, 2023
Govee Home app has unprotected access to WebView component which can be opened by any app on the... High Unreviewed
CVE-2023-3612 was published Sep 11, 2023
?The affected product does not perform an authentication check and performs some dangerous... Critical Unreviewed
CVE-2023-40150 was published Sep 11, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This... High Unreviewed
CVE-2023-23840 was published Sep 14, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This... High Unreviewed
CVE-2023-23845 was published Sep 14, 2023
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to... High Unreviewed
CVE-2023-3655 was published Oct 3, 2023
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to... Critical Unreviewed
CVE-2023-3656 was published Oct 3, 2023
EisBaer Scada - CWE-749: Exposed Dangerous Method or Function Critical Unreviewed
CVE-2023-42494 was published Oct 25, 2023
When user authentication is not enabled the shell can execute commands with the highest... Critical Unreviewed
CVE-2023-40151 was published Nov 21, 2023
In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an... Critical Unreviewed
CVE-2023-39226 was published Dec 1, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database