GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
30
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,683
NuGet
650
pip
3,299
Pub
11
RubyGems
878
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
10,978 advisories
Filter by severity
A security feature bypass vulnerability exists when Microsoft Defender improperly handles...
Low
Unreviewed
CVE-2019-1488
was published
May 24, 2022
SAP Enable Now, before version 1908, does not invalidate session tokens in a timely manner. The...
Low
Unreviewed
CVE-2020-6197
was published
May 24, 2022
Initially, a user opens a Private Browsing Window and generates a password for a site, then...
Low
Unreviewed
CVE-2020-6824
was published
May 24, 2022
An issue has been discovered in GitLab affecting all versions starting with 7.1. A member of a...
Low
Unreviewed
CVE-2021-22193
was published
May 24, 2022
A vulnerability that stores IMSI values in an improper path prior to SMR APR-2021 Release 1...
Low
Unreviewed
CVE-2021-25358
was published
May 24, 2022
In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8...
Low
Unreviewed
CVE-2019-12068
was published
May 24, 2022
An issue was discovered in the Arm Mali Kernel Driver. A non-privileged user can make improper...
Low
Unreviewed
CVE-2022-46396
was published
Apr 11, 2023
The Android version of pikpak v1.29.2 was discovered to contain an information leak via the debug...
Low
Unreviewed
CVE-2023-27703
was published
Apr 12, 2023
In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID...
Low
Unreviewed
CVE-2023-29383
was published
Apr 15, 2023
Vulnerability in the Oracle Solaris product of Oracle Systems (component: IPS repository daemon)....
Low
Unreviewed
CVE-2023-21928
was published
Apr 18, 2023
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection Handling...
Low
Unreviewed
CVE-2023-21963
was published
Apr 18, 2023
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
Low
Unreviewed
CVE-2023-21988
was published
Apr 18, 2023
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
Low
Unreviewed
CVE-2023-21991
was published
Apr 18, 2023
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
Low
Unreviewed
CVE-2023-21999
was published
Apr 18, 2023
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). Supported...
Low
Unreviewed
CVE-2023-22003
was published
Apr 18, 2023
NVIDIA CUDA Toolkit SDK for Linux and Windows contains a NULL pointer dereference in cuobjdump,...
Low
Unreviewed
CVE-2023-25510
was published
Apr 22, 2023
NVIDIA CUDA Toolkit for Linux and Windows contains a vulnerability in cuobjdump, where a division...
Low
Unreviewed
CVE-2023-25511
was published
Apr 22, 2023
PingID integration for Windows login prior to 2.9 does not handle duplicate usernames, which can...
Low
Unreviewed
CVE-2022-23721
was published
Apr 25, 2023
Improper access control vulnerability in Telephony framework prior to SMR May-2023 Release 1...
Low
Unreviewed
CVE-2023-21487
was published
May 4, 2023
Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http...
Low
Unreviewed
CVE-2023-31413
was published
May 4, 2023
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.3...
Low
Unreviewed
CVE-2023-23523
was published
May 8, 2023
The issue was addressed with additional restrictions on the observability of app states. This...
Low
Unreviewed
CVE-2023-23543
was published
May 8, 2023
The issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4. An...
Low
Unreviewed
CVE-2023-28194
was published
May 8, 2023
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The `i2c` mutex...
Low
Unreviewed
CVE-2023-27408
was published
May 9, 2023
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A heap-based...
Low
Unreviewed
CVE-2023-27410
was published
May 9, 2023
ProTip!
Advisories are also available from the
GraphQL API