GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,018
Erlang: 29
GitHub Actions: 16
Go: 1,830
Maven: 5,000+
npm: 3,573
NuGet: 632
pip: 3,150
Pub: 10
RubyGems: 847
Rust: 796
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
95,326 advisories
IBM Aspera Faspex 5.0.5 could allow a malicious actor to bypass IP whitelist restrictions using a...
  High | Unreviewed | CVE-2023-30995 was published Sep 8, 2023
IBM QRadar WinCollect Agent 10.0 through 10.1.6, when installed to run as ADMIN or SYSTEM, is...
  High | Unreviewed | CVE-2023-38736 was published Sep 8, 2023
Jeecg boot arbitrary file read vulnerability
  High | CVE-2023-41578 was published for org.jeecgframework.boot:jeecg-boot-parent (Maven) Sep 8, 2023
QUIC connections do not set an upper bound on the amount of data buffered when reading post...
  High | Unreviewed | CVE-2023-39322 was published Sep 8, 2023
Processing an incomplete post-handshake message for a QUIC connection can cause a panic.
  High | Unreviewed | CVE-2023-39321 was published Sep 8, 2023
Hexo up to v7.0.0 (RC2) was discovered to contain an arbitrary file read vulnerability.
  High | Unreviewed | CVE-2023-39584 was published Sep 8, 2023
SolarView Compact < 6.00 is vulnerable to Directory Traversal.
  High | Unreviewed | CVE-2023-40924 was published Sep 8, 2023
Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that...
  High | Unreviewed | CVE-2023-4807 was published Sep 8, 2023
An issue was discovered in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL...
  High | Unreviewed | CVE-2021-33834 was published Sep 8, 2023
In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator...
  High | Unreviewed | CVE-2023-40271 was published Sep 8, 2023
GIGAPOD file servers (Appliance model and Software model) provide two web interfaces, 80/tcp and...
  High | Unreviewed | CVE-2014-5329 was published Sep 8, 2023
icms 7.0.16 is vulnerable to Cross Site Request Forgery (CSRF).
  High | Unreviewed | CVE-2023-40953 was published Sep 8, 2023
An Issue in Buffalo America, Inc. TeraStation NAS TS5410R v.5.00 thru v.0.07 allows a remote...
  High | Unreviewed | CVE-2023-39620 was published Sep 8, 2023
An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor (Exynos 980,...
  High | Unreviewed | CVE-2023-37377 was published Sep 8, 2023
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem ...
  High | Unreviewed | CVE-2023-37368 was published Sep 8, 2023
Mysten Labs Sui blockchain v1.2.0 was discovered to contain a stack overflow via the component ...
  High | Unreviewed | CVE-2023-36184 was published Sep 8, 2023
Dairy Farm Shop Management System Using PHP and MySQL v1.1 was discovered to contain multiple SQL...
  High | Unreviewed | CVE-2023-41594 was published Sep 8, 2023
A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS...
  High | Unreviewed | CVE-2023-41061 was published Sep 7, 2023
Unsafe deserialization in JSCAPE MFT Server versions prior to 2023.1.9 (Windows, Linux, and MacOS...
  High | Unreviewed | CVE-2023-4528 was published Sep 7, 2023
Delta Electronics' CNCSoft-B version 1.0.0.4 and DOPSoft versions 4.0.0.82 and prior are...
  High | Unreviewed | CVE-2023-4685 was published Sep 7, 2023
A vulnerability has been identified within Serv-U 15.4 and 15.4 Hotfix 1 that, if exploited,...
  High | Unreviewed | CVE-2023-40060 was published Sep 7, 2023
The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue....
  High | Unreviewed | CVE-2023-30800 was published Sep 7, 2023
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS...
  High | Unreviewed | CVE-2023-41064 was published Sep 7, 2023
Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier) are affected by an out-of...
  High | Unreviewed | CVE-2021-40795 was published Sep 7, 2023
ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by...
  High | Unreviewed | CVE-2021-40699 was published Sep 7, 2023
ProTip! Advisories are also available from the GraphQL API