GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
318 advisories
Electron context isolation bypass via nested unserializable return value
Moderate | CVE-2023-29198 was published for electron (npm) | Sep 6, 2023

json2xml Uncaught Exception vulnerability
High | CVE-2022-25024 was published for json2xml (pip) | Aug 23, 2023

Feathers socket handler allows abusing implicit toString
High | CVE-2023-37899 was published for @feathersjs/socketio (npm) | Jul 20, 2023

Mattermost denial of service vulnerability
Moderate | CVE-2023-5967 was published for github.com/mattermost/mattermost-server/v6 (Go) | Nov 6, 2023

Shopware improper mail validation vulnerability
Moderate | CVE-2023-34099 was published for shopware/shopware (Composer) | Jun 28, 2023

Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to...
Moderate | Unreviewed | CVE-2023-39205 was published | Nov 15, 2023

Uncaught exception for some Intel Unison software may allow an authenticated user to potentially...
Moderate | Unreviewed | CVE-2023-22290 was published | Nov 14, 2023

Mattermost fails to validate the type of the "reminder" body request parameter allowing an...
Moderate | Unreviewed | CVE-2023-49607 was published | Dec 12, 2023

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected...
Moderate | Unreviewed | CVE-2023-48431 was published | Dec 12, 2023

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The Web UI...
Low | Unreviewed | CVE-2023-48429 was published | Dec 12, 2023

A denial of service vulnerability exists in all Silicon Labs Z-Wave controller and endpoint...
Moderate | Unreviewed | CVE-2023-5310 was published | Dec 15, 2023

Vulnerability of data verification errors in the kernel module. Successful exploitation of this...
High | Unreviewed | CVE-2023-44099 was published | Dec 6, 2023

An elevation of privilege vulnerability exists when the Windows Language Pack Installer...
Moderate | Unreviewed | CVE-2020-1122 was published | May 24, 2022

An Improper Check for Unusual or Exceptional Conditions vulnerability in Routing Protocol Daemon...
High | Unreviewed | CVE-2024-21614 was published | Jan 12, 2024

An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper...
Moderate | Unreviewed | CVE-2024-21603 was published | Jan 12, 2024

The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2023-6742 was published | Jan 11, 2024

The issue was addressed with improved checks. This issue is fixed in iOS 16.7 and iPadOS 16.7, OS...
High | Unreviewed | CVE-2023-41992 was published | Sep 21, 2023

A user authorized to perform database queries may trigger denial of service by issuing specially...
Moderate | Unreviewed | CVE-2019-20924 was published | May 24, 2022

The vulnerability is caused by improper check for check if RDLENGTH does not overflow the buffer...
High | Unreviewed | CVE-2023-32726 was published | Dec 22, 2023

Vulnerability of improper checking for unusual or exceptional conditions in Lamassu Bitcoin ATM...
Moderate | Unreviewed | CVE-2024-0675 was published | Jan 30, 2024

A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense (FTD)...
Moderate | Unreviewed | CVE-2022-20950 was published | Nov 16, 2022

XSS sidekiq-unique-jobs UI server vulnerability
High | CVE-2024-25122 was published for sidekiq-unique-jobs (RubyGems) | Feb 13, 2024

Malformed S2 Nonce Get Command Class packets can be sent to crash PC Controller v5.54.0 and...
Moderate | Unreviewed | CVE-2023-6640 was published | Feb 21, 2024

BuildKit vulnerable to possible panic when incorrect parameters sent from frontend
Moderate | CVE-2024-23650 was published for github.com/moby/buildkit (Go) | Jan 31, 2024

** DISPUTED ** An issue was discovered in ide_dma_cb() in hw/ide/core.c in QEMU 2.4.0 through 4.2...
Moderate | Unreviewed | CVE-2019-20175 was published | May 24, 2022
ProTip! Advisories are also available from the GraphQL API.