GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+
235 advisories
Filter by severity
Vulnerability of incomplete read and write permission verification in the GPU module. Successful...
Critical
Unreviewed
CVE-2021-46891
was published
Jul 5, 2023
Nexxt Nebula 1200-AC 15.03.06.60 allows authentication bypass and command execution by using the...
Critical
Unreviewed
CVE-2022-46080
was published
Jul 6, 2023
Franklin Fueling System FFS Colibri 1.9.22.8925 is affected by: File system overwrite. The impact...
Critical
Unreviewed
CVE-2022-44039
was published
Jul 6, 2023
In TravianZ 8.3.4 and 8.3.3, Incorrect Access Control in the installation script allows an...
Critical
Unreviewed
CVE-2023-36994
was published
Jul 7, 2023
Apache Pulsar Incorrect Authorization vulnerability
Critical
CVE-2023-30429
was published
for
org.apache.pulsar:pulsar
(Maven)
Jul 12, 2023
** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-895 FW102b07...
Critical
Unreviewed
CVE-2023-36091
was published
Jul 31, 2023
** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-645 firmware...
Critical
Unreviewed
CVE-2023-36089
was published
Jul 31, 2023
** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-885L FW102b01...
Critical
Unreviewed
CVE-2023-36090
was published
Jul 31, 2023
** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-859 FW105b03...
Critical
Unreviewed
CVE-2023-36092
was published
Jul 31, 2023
KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 exhibit a...
Critical
Unreviewed
CVE-2023-33468
was published
Aug 9, 2023
The Linux DVS server component of Mitel MiVoice Connect through 19.3 SP2 (22.24.1500.0) could...
Critical
Unreviewed
CVE-2023-32748
was published
Aug 14, 2023
A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and...
Critical
Unreviewed
CVE-2023-38035
was published
Aug 21, 2023
BMC Server Automation before 8.9.01 patch 1 allows Process Spawner command execution because of...
Critical
Unreviewed
CVE-2017-9453
was published
Sep 5, 2023
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA)...
Critical
Unreviewed
CVE-2023-20269
was published
Sep 6, 2023
An Access Control issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, also...
Critical
Unreviewed
CVE-2023-43119
was published
Oct 16, 2023
VMware Aria Operations for Logs contains an authentication bypass vulnerability. An...
Critical
Unreviewed
CVE-2023-34051
was published
Oct 20, 2023
All versions of Confluence Data Center and Server are affected by this unexploited vulnerability....
Critical
Unreviewed
CVE-2023-22518
was published
Oct 31, 2023
A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software...
Critical
Unreviewed
CVE-2023-20048
was published
Nov 1, 2023
XWiki Platform privilege escalation from script right to programming right through title displayer
Critical
CVE-2023-46244
was published
for
org.xwiki.platform:xwiki-platform-display-api
(Maven)
Nov 7, 2023
SAP Business One installation - version 10.0, does not perform proper authentication and...
Critical
Unreviewed
CVE-2023-31403
was published
Nov 14, 2023
A client side rate limit issue discovered in Connectize AC21000 G6 641.139.1.1256 allows...
Critical
Unreviewed
CVE-2023-24051
was published
Dec 5, 2023
An issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain control of...
Critical
Unreviewed
CVE-2023-24052
was published
Dec 5, 2023
Incorrect authorization checks in GitLab CE/EE from all versions starting from 8.13 before 16.5.6...
Critical
Unreviewed
CVE-2023-5356
was published
Jan 12, 2024
Buildkit's interactive containers API does not validate entitlements check
Critical
CVE-2024-23653
was published
for
github.com/moby/buildkit
(Go)
Jan 31, 2024
In Delinea PAM Secret Server 11.4, it is possible for a user (with access to the Report...
Critical
Unreviewed
CVE-2024-25652
was published
Mar 14, 2024
ProTip!
Advisories are also available from the
GraphQL API