Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

271 advisories

Loading
An Access Control issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, also... Critical Unreviewed
CVE-2023-43119 was published Oct 16, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.2... Critical Unreviewed
CVE-2023-5009 was published Sep 19, 2023
SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing... Critical Unreviewed
CVE-2023-40309 was published Sep 15, 2023
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA)... Critical Unreviewed
CVE-2023-20269 was published Sep 6, 2023
BMC Server Automation before 8.9.01 patch 1 allows Process Spawner command execution because of... Critical Unreviewed
CVE-2017-9453 was published Sep 5, 2023
A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and... Critical Unreviewed
CVE-2023-38035 was published Aug 21, 2023
The Linux DVS server component of Mitel MiVoice Connect through 19.3 SP2 (22.24.1500.0) could... Critical Unreviewed
CVE-2023-32748 was published Aug 14, 2023
KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 exhibit a... Critical Unreviewed
CVE-2023-33468 was published Aug 9, 2023
Vyper has incorrectly allocated named re-entrancy locks Critical
CVE-2023-39363 was published for vyper (pip) Aug 9, 2023
trocher
** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-859 FW105b03... Critical Unreviewed
CVE-2023-36092 was published Jul 31, 2023
** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-895 FW102b07... Critical Unreviewed
CVE-2023-36091 was published Jul 31, 2023
** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-885L FW102b01... Critical Unreviewed
CVE-2023-36090 was published Jul 31, 2023
** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-645 firmware... Critical Unreviewed
CVE-2023-36089 was published Jul 31, 2023
Sourcecodester Online Computer and Laptop Store 1.0 is vulnerable to Incorrect Access Control,... Critical Unreviewed
CVE-2023-31704 was published Jul 13, 2023
Apache Pulsar Incorrect Authorization vulnerability Critical
CVE-2023-30429 was published for org.apache.pulsar:pulsar (Maven) Jul 12, 2023
In TravianZ 8.3.4 and 8.3.3, Incorrect Access Control in the installation script allows an... Critical Unreviewed
CVE-2023-36994 was published Jul 7, 2023
Franklin Fueling System FFS Colibri 1.9.22.8925 is affected by: File system overwrite. The impact... Critical Unreviewed
CVE-2022-44039 was published Jul 6, 2023
An issue in Zimbra Collaboration (ZCS) v.8.8.15 and v.9.0 allows a remote attacker to escalate... Critical Unreviewed
CVE-2023-29381 was published Jul 6, 2023
Nexxt Nebula 1200-AC 15.03.06.60 allows authentication bypass and command execution by using the... Critical Unreviewed
CVE-2022-46080 was published Jul 6, 2023
Vulnerability of incomplete read and write permission verification in the GPU module. Successful... Critical Unreviewed
CVE-2021-46891 was published Jul 5, 2023
Vulnerability of incomplete read and write permission verification in the GPU module. Successful... Critical Unreviewed
CVE-2021-46890 was published Jul 5, 2023
Arcserve UDP through 9.0.6034 allows authentication bypass. The method getVersionInfo at... Critical Unreviewed
CVE-2023-26258 was published Jul 3, 2023
UniFi OS 3.1 introduces a misconfiguration on consoles running UniFi Network that allows users on... Critical Unreviewed
CVE-2023-31997 was published Jul 1, 2023
Improper configuration of RBAC permissions obtaining cluster control permissions Critical
CVE-2023-33190 was published for github.com/labring/sealos (Go) Jun 30, 2023
DVKunion
Wade Graphic Design FANTSY has a vulnerability of insufficient authorization check. An... Critical Unreviewed
CVE-2023-28698 was published Jun 2, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database