GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,154
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+
95,337 advisories
Filter by severity
Improper access control for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow...
High
Unreviewed
CVE-2022-32578
was published
May 10, 2023
Uncontrolled search path in the Intel(R) Unite(R) Plugin SDK before version 4.2 may allow an...
High
Unreviewed
CVE-2022-32576
was published
May 10, 2023
Use after free in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated...
High
Unreviewed
CVE-2022-29919
was published
May 10, 2023
Incorrect default permissions in the Intel(R) VROC software before version 7.7.6.1003 may allow...
High
Unreviewed
CVE-2022-30338
was published
May 10, 2023
Null pointer dereference in the Intel(R) VROC software before version 7.7.6.1003 may allow an...
High
Unreviewed
CVE-2022-29508
was published
May 10, 2023
Uncontrolled search path in the Intel(R) MacCPUID software before version 3.2 may allow an...
High
Unreviewed
CVE-2022-27180
was published
May 10, 2023
Out-of-bounds write in software for the Intel QAT Driver for Windows before version 1.9.0-0008...
High
Unreviewed
CVE-2022-21804
was published
May 10, 2023
Uncontrolled search path for the Intel(R) HDMI Firmware Update tool for NUC before version 1.79.1...
High
Unreviewed
CVE-2022-21162
was published
May 10, 2023
Cross-site request forgery (CSRF) vulnerability in LIQUID SPEECH BALLOON versions prior to 1.2...
High
Unreviewed
CVE-2023-27889
was published
May 10, 2023
Shinseiyo Sogo Soft (7.9A) and earlier improperly restricts XML external entity references (XXE)....
High
Unreviewed
CVE-2023-27527
was published
May 10, 2023
Heap-based buffer overflow vulnerability exists in CX-Drive All models V3.01 and earlier. By...
High
Unreviewed
CVE-2023-27385
was published
May 10, 2023
Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow...
High
Unreviewed
CVE-2023-25184
was published
May 10, 2023
Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which...
High
Unreviewed
CVE-2023-25072
was published
May 10, 2023
Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0...
High
Unreviewed
CVE-2023-23906
was published
May 10, 2023
Improper access control vulnerability in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier...
High
Unreviewed
CVE-2023-23578
was published
May 10, 2023
Missing authentication for critical function exists in Seiko Solutions SkyBridge series, which...
High
Unreviewed
CVE-2023-22441
was published
May 10, 2023
An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x...
High
Unreviewed
CVE-2023-32568
was published
May 10, 2023
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3...
High
Unreviewed
CVE-2023-28128
was published
May 10, 2023
A path traversal vulnerability exists in Avalanche version 6.3.x and below that when exploited...
High
Unreviewed
CVE-2023-28127
was published
May 10, 2023
A session takeover vulnerability exists in FICO Origination Manager Decision Module 4.8.1 due to...
High
Unreviewed
CVE-2023-30056
was published
May 9, 2023
Insufficient input validation in ASP may allow
an attacker with a compromised SMM to induce out...
High
Unreviewed
CVE-2021-46765
was published
May 9, 2023
Insufficient input validation in ABL may enable
a privileged attacker to corrupt ASP memory,...
High
Unreviewed
CVE-2021-46773
was published
May 9, 2023
Failure to unmap certain SysHub mappings in
error paths of the ASP (AMD Secure Processor)...
High
Unreviewed
CVE-2021-46755
was published
May 9, 2023
Insufficient input validation on the model
specific register: VM_HSAVE_PA may potentially lead to...
High
Unreviewed
CVE-2022-23818
was published
May 9, 2023
Insufficient input validation in the SMU may
enable a privileged attacker to write beyond the...
High
Unreviewed
CVE-2021-46763
was published
May 9, 2023
ProTip!
Advisories are also available from the
GraphQL API