GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
673 advisories
Potential buffer overflow vulnerability in mm_LteInterRatManagement.c in Shannon baseband prior...
Critical | Unreviewed | CVE-2023-21503 was published May 4, 2023

Potential buffer overflow vulnerability in auth api in mm_Authentication.c in Shannon baseband...
Critical | Unreviewed | CVE-2023-21494 was published May 4, 2023

An issue was discovered in ONOS 2.5.1. An intent with a large port number shows the CORRUPT state...
Critical | Unreviewed | CVE-2022-29606 was published Apr 20, 2023

memory corruption in modem due to improper check while calculating size of serialized CoAP message
Critical | Unreviewed | CVE-2022-33211 was published Apr 13, 2023

Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2 of 4).
Critical | Unreviewed | CVE-2023-26068 was published Apr 10, 2023

Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 4 of 4).
Critical | Unreviewed | CVE-2023-26070 was published Apr 10, 2023

Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 3 of 4).
Critical | Unreviewed | CVE-2023-26069 was published Apr 10, 2023

Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an...
Critical | Unreviewed | CVE-2022-33964 was published Feb 16, 2023

Memory corruption in modem due to improper length check while copying into memory
Critical | Unreviewed | CVE-2022-25729 was published Feb 12, 2023

Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web...
Critical | Unreviewed | CVE-2022-45088 was published Feb 12, 2023

Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web...
Critical | Unreviewed | CVE-2022-4557 was published Feb 12, 2023

In Config Manager, there is a possible command injection due to improper input validation. This...
Critical | Unreviewed | CVE-2021-31575 was published Feb 7, 2023

In Config Manager, there is a possible command injection due to improper input validation. This...
Critical | Unreviewed | CVE-2021-31574 was published Feb 7, 2023

In Config Manager, there is a possible command injection due to improper input validation. This...
Critical | Unreviewed | CVE-2021-31573 was published Feb 7, 2023

ChangingTech MegaServiSignAdapter component has a vulnerability of improper input validation. An...
Critical | Unreviewed | CVE-2022-39060 was published Jan 31, 2023

A vulnerability in the web-based management interface of Cisco Small Business RV042 Series...
Critical | Unreviewed | CVE-2023-20025 was published Jan 20, 2023

Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow...
Critical | Unreviewed | CVE-2022-47966 was published Jan 18, 2023

BlogEngine.NET v3.3.8.0 allows an attacker to create any folder with "files" prefix under ~...
Critical | Unreviewed | CVE-2022-41417 was published Jan 18, 2023

Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG ((OTRS)) Community Edition...
Critical | Unreviewed | CVE-2022-4427 was published Dec 19, 2022

Zabbix Frontend provides a feature that allows admins to maintain the installation and ensure...
Critical | Unreviewed | CVE-2022-43515 was published Dec 5, 2022

A flaw was found in Wordpress 5.1. "X-Forwarded-For" is a HTTP header used to carry the client's...
Critical | Unreviewed | CVE-2020-35539 was published Oct 17, 2022

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote,...
Critical | Unreviewed | CVE-2022-28811 was published Sep 29, 2022

Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote...
Critical | Unreviewed | CVE-2022-3075 was published Sep 27, 2022

In BT firmware, there is a possible out of bounds write due to a missing bounds check. This could...
Critical | Unreviewed | CVE-2022-26447 was published Sep 7, 2022

Improper Input Validation vulnerability in the project upload mechanism in B&R Automation Studio...
Critical | Unreviewed | CVE-2021-22289 was published Aug 12, 2022
ProTip! Advisories are also available from the GraphQL API.