GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
91,086 advisories
Filter by severity
Windows SmartScreen Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2023-36025
was published
Nov 14, 2023
Microsoft Excel Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2023-36037
was published
Nov 14, 2023
An improper access control vulnerability [CWE-284] in FortiADC automation feature 7.1.0 through 7...
High
Unreviewed
CVE-2023-26205
was published
Nov 14, 2023
Windows Scripting Engine Memory Corruption Vulnerability
High
Unreviewed
CVE-2023-36017
was published
Nov 14, 2023
Visual Studio Code Jupyter Extension Spoofing Vulnerability
High
Unreviewed
CVE-2023-36018
was published
Nov 14, 2023
Path Traversal: '\..\filename' in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12...
High
Unreviewed
CVE-2023-6130
was published
Nov 14, 2023
Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.
High
Unreviewed
CVE-2023-6131
was published
Nov 14, 2023
Cryptographic issue in HLOS during key management.
High
Unreviewed
CVE-2023-28556
was published
Nov 14, 2023
Memory Corruption in Core due to secure memory access by user while loading modem image.
High
Unreviewed
CVE-2023-24852
was published
Nov 14, 2023
Memory corruption in TZ Secure OS while loading an app ELF.
High
Unreviewed
CVE-2023-28545
was published
Nov 14, 2023
Memory Corruption in Core during syscall for Sectools Fuse comparison feature.
High
Unreviewed
CVE-2023-21671
was published
Nov 14, 2023
Northern.tech CFEngine Enterprise before 3.21.3 allows SQL Injection. The fixed versions are 3.18...
High
Unreviewed
CVE-2023-45684
was published
Nov 14, 2023
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability...
High
Unreviewed
CVE-2023-48020
was published
Nov 14, 2023
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability...
High
Unreviewed
CVE-2023-48021
was published
Nov 14, 2023
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be...
High
Unreviewed
CVE-2023-6111
was published
Nov 14, 2023
A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). When accessing the...
High
Unreviewed
CVE-2023-46098
was published
Nov 14, 2023
A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE...
High
Unreviewed
CVE-2023-44317
was published
Nov 14, 2023
A vulnerability has been identified in Siemens OPC UA Modelling Editor (SiOME) (All versions < V2...
High
Unreviewed
CVE-2023-46590
was published
Nov 14, 2023
An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded...
High
Unreviewed
CVE-2023-24585
was published
Nov 14, 2023
A local non-privileged user can make improper GPU memory processing operations. If the operations...
High
Unreviewed
CVE-2023-3889
was published
Nov 14, 2023
GibbonEdu Gibbon through version 25.0.0 allows Directory Traversal via the report template...
High
Unreviewed
CVE-2023-45880
was published
Nov 14, 2023
SQL injection vulnerability in OSS Calendar versions prior to v.2.0.3 allows a remote...
High
Unreviewed
CVE-2023-47609
was published
Nov 14, 2023
An issue in Netgate pfSense v.2.7.0 allows a remote attacker to execute arbitrary code via a...
High
Unreviewed
CVE-2023-42326
was published
Nov 14, 2023
An issue in Yasukawa memberscard v.13.6.1 allows attackers to send crafted notifications via...
High
Unreviewed
CVE-2023-45560
was published
Nov 14, 2023
An issue in Golden v.13.6.1 allows attackers to send crafted notifications via leakage of the...
High
Unreviewed
CVE-2023-45558
was published
Nov 14, 2023
ProTip!
Advisories are also available from the
GraphQL API