GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,373
Erlang
33
GitHub Actions
22
Go
2,135
Maven
5,000+
npm
3,797
NuGet
687
pip
3,478
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
156 advisories
Filter by severity
Vulnerability of input parameter verification in certain APIs in the window management module....
High
Unreviewed
CVE-2023-39390
was published
Aug 13, 2023
Vulnerability of input parameters being not strictly verified in the PMS module. Successful...
High
Unreviewed
CVE-2023-39386
was published
Aug 13, 2023
Input verification vulnerability in the storage module. Successful exploitation of this...
High
Unreviewed
CVE-2023-39381
was published
Aug 13, 2023
Input verification vulnerability in the audio module. Successful exploitation of this...
High
Unreviewed
CVE-2023-39382
was published
Aug 13, 2023
Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability...
High
Unreviewed
CVE-2022-36392
was published
Aug 11, 2023
Splunk SOAR versions 6.0.2 and earlier are indirectly affected by a potential vulnerability...
High
Unreviewed
CVE-2023-3997
was published
Jul 31, 2023
Interactive Forms (IAF) in GX Software XperienCentral versions 10.33.1 until 10.35.0 was...
High
Unreviewed
CVE-2022-43713
was published
Jul 26, 2023
RTX TRAP v1.0 was discovered to be vulnerable to host header poisoning.
Moderate
Unreviewed
CVE-2022-31458
was published
Jul 25, 2023
Controller DoS due to stack overflow when decoding a message from the server
High
Unreviewed
CVE-2023-24480
was published
Jul 13, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.14 before 15...
Moderate
Unreviewed
CVE-2023-2200
was published
Jul 13, 2023
In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10,...
Moderate
Unreviewed
CVE-2023-36919
was published
Jul 11, 2023
SAP Solution Manager (Diagnostics agent) - version 7.20, allows an attacker to tamper with...
High
Unreviewed
CVE-2023-36921
was published
Jul 11, 2023
Firefox did not properly handle downloads of files ending in <code>.desktop</code>, which can be...
Unknown
Unreviewed
CVE-2023-29541
was published
Jun 2, 2023
An attacker could have caused memory corruption and a potentially exploitable use-after-free of a...
High
Unreviewed
CVE-2023-29543
was published
Jun 2, 2023
When copying a network request from the developer tools panel as a curl command the output was...
Moderate
Unreviewed
CVE-2023-23599
was published
Jun 2, 2023
In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, an attacker can use a specially...
Low
Unreviewed
CVE-2023-32712
was published
Jun 1, 2023
A vulnerability exists in a FOXMAN-UN and UNEM logging component, it only affects systems that...
Moderate
Unreviewed
CVE-2023-1711
was published
May 30, 2023
WebAssembly wat2wasm v1.0.32 allows attackers to cause a libc++abi.dylib crash by putting '@'...
Moderate
Unreviewed
CVE-2023-31669
was published
May 23, 2023
PDFZorro PDFZorro Online r20220428 using TCPDF 6.2.5, despite having workflows claiming to...
High
Unreviewed
CVE-2022-30351
was published
Mar 30, 2023
ConEmu through 220807 and Cmder before 1.3.21 report the title of the terminal, including control...
Critical
Unreviewed
CVE-2022-46387
was published
Mar 28, 2023
Cobalt Strike 4.7.1 fails to properly escape HTML tags when they are displayed on Swing...
Critical
Unreviewed
CVE-2022-42948
was published
Mar 24, 2023
Sudo before 1.9.13 does not escape control characters in log messages.
Moderate
Unreviewed
CVE-2023-28486
was published
Mar 16, 2023
Sudo before 1.9.13 does not escape control characters in sudoreplay output.
Moderate
Unreviewed
CVE-2023-28487
was published
Mar 16, 2023
A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the...
Moderate
Unreviewed
CVE-2023-0595
was published
Feb 24, 2023
An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection...
Critical
Unreviewed
CVE-2022-48339
was published
Feb 21, 2023
ProTip!
Advisories are also available from the
GraphQL API