GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,023
Erlang: 29
GitHub Actions: 16
Go: 1,830
Maven: 5,000+
npm: 3,573
NuGet: 632
pip: 3,155
Pub: 10
RubyGems: 847
Rust: 796
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
110,988 advisories
A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been declared as...
Moderate | Unreviewed | CVE-2024-0192 was published Jan 2, 2024

An issue in A-WORLD OIRASE BEER_waiting Line v.13.6.1 allows attackers to send crafted...
Moderate | Unreviewed | CVE-2023-45561 was published Jan 2, 2024

A vulnerability, which was classified as critical, was found in spider-flow 0.4.3. Affected is...
Moderate | Unreviewed | CVE-2024-0195 was published Jan 2, 2024

A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been classified...
Moderate | Unreviewed | CVE-2024-0191 was published Jan 2, 2024

A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter...
Moderate | Unreviewed | CVE-2023-7192 was published Jan 2, 2024

A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0 and classified as...
Moderate | Unreviewed | CVE-2024-0190 was published Jan 2, 2024

A vulnerability, which was classified as problematic, was found in Acumos Design Studio up to 2.0...
Moderate | Unreviewed | CVE-2018-25097 was published Jan 2, 2024

A vulnerability has been found in RRJ Nueva Ecija Engineer Online Portal 1.0 and classified as...
Moderate | Unreviewed | CVE-2024-0189 was published Jan 2, 2024

Hail relies on OIDC email claims to verify the validity of a user's domain.
Moderate | CVE-2023-51663 was published for hail (pip) Jan 2, 2024

OWASP.AntiSamy mXSS when preserving comments
Moderate | CVE-2023-51652 was published for OWASP.AntiSamy (NuGet) Jan 2, 2024

`serde` deserialization for `FamStructWrapper` lacks bound checks that could potentially lead to out-of-bounds memory access
Moderate | CVE-2023-50711 was published for vmm-sys-util (Rust) Jan 2, 2024

A vulnerability was found in rt-prettyphoto Plugin up to 1.2 on WordPress and classified as...
Moderate | Unreviewed | CVE-2015-10128 was published Jan 2, 2024

Mattermost viewing archived public channels permissions vulnerability
Moderate | CVE-2023-47858 was published for github.com/mattermost/mattermost-server/v6 (Go) Jan 2, 2024

Mattermost notified all users in the channel when using WebSockets to respond individually
Moderate | CVE-2023-48732 was published for github.com/mattermost/mattermost-server/v6 (Go) Jan 2, 2024

A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when...
Moderate | Unreviewed | CVE-2023-6693 was published Jan 2, 2024

in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia camera crash...
Moderate | Unreviewed | CVE-2023-47857 was published Jan 2, 2024

in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia audio crash...
Moderate | Unreviewed | CVE-2023-49142 was published Jan 2, 2024

in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia player crash...
Moderate | Unreviewed | CVE-2023-48360 was published Jan 2, 2024

in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia player crash...
Moderate | Unreviewed | CVE-2023-49135 was published Jan 2, 2024

Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due...
Moderate | Unreviewed | CVE-2023-26157 was published Jan 2, 2024

Memory corruption while receiving a message in Bus Socket Transport Server.
Moderate | Unreviewed | CVE-2023-33038 was published Jan 2, 2024

Memory corruption when IPv6 prefix timer object's lifetime expires which are created while Netmgr...
Moderate | Unreviewed | CVE-2023-28583 was published Jan 2, 2024

Follow Redirects improperly handles URLs in the url.parse() function
Moderate | CVE-2023-26159 was published for follow-redirects (npm) Jan 2, 2024

In bluetooth service, there is a possible out of bounds write due to improper input validation....
Moderate | Unreviewed | CVE-2023-32891 was published Jan 2, 2024

A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been rated as...
Moderate | Unreviewed | CVE-2024-0185 was published Jan 2, 2024

ProTip! Advisories are also available from the GraphQL API