GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
138 advisories
Filter by severity
Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability...
High
Unreviewed
CVE-2022-36392
was published
Aug 11, 2023
Docker Desktop before v4.34.3 allows RCE via unsanitized GitHub source link in Build view.
High
Unreviewed
CVE-2024-9348
was published
Oct 16, 2024
Account users in Apache CloudStack by default are allowed to upload and register templates for...
High
Unreviewed
CVE-2024-45219
was published
Oct 16, 2024
An issue was discovered in MISP before 2.4.176. app/Controller/Component/IndexFilterComponent.php...
Critical
Unreviewed
CVE-2023-48655
was published
Nov 17, 2023
HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers...
High
Unreviewed
CVE-2023-45539
was published
Nov 28, 2023
An unauthenticated local attacker can gain admin privileges by deploying a config file due to...
High
Unreviewed
CVE-2024-45271
was published
Oct 15, 2024
Input verification vulnerability in the audio module. Successful exploitation of this...
High
Unreviewed
CVE-2023-39382
was published
Aug 13, 2023
Input verification vulnerability in the storage module. Successful exploitation of this...
High
Unreviewed
CVE-2023-39381
was published
Aug 13, 2023
Vulnerability of input parameter verification in certain APIs in the window management module....
High
Unreviewed
CVE-2023-39390
was published
Aug 13, 2023
Vulnerability of input parameters being not strictly verified in the PMS module. Successful...
High
Unreviewed
CVE-2023-39386
was published
Aug 13, 2023
An issue was discovered in the Vector Skin component for MediaWiki before 1.39.5 and 1.40.x...
Moderate
Unreviewed
CVE-2023-45359
was published
Oct 9, 2024
Docker Machine through 0.16.2 allows an attacker, who has control of a worker node, to provide...
Moderate
Unreviewed
CVE-2023-40453
was published
Nov 14, 2023
Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS...
Moderate
Unreviewed
CVE-2024-47845
was published
Oct 5, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.14 before 15...
Moderate
Unreviewed
CVE-2023-2200
was published
Jul 13, 2023
In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10,...
Moderate
Unreviewed
CVE-2023-36919
was published
Jul 11, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.2...
Low
Unreviewed
CVE-2024-4099
was published
Sep 27, 2024
HTML and SMTP injections on the registration page of LiquidFiles versions 3.7.13 and below, allow...
Moderate
Unreviewed
CVE-2023-4393
was published
Oct 30, 2023
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting'),...
Critical
Unreviewed
CVE-2024-7873
was published
Sep 17, 2024
A vulnerability was found in kitsada8621 Digital Library Management System 1.0. It has been...
Moderate
Unreviewed
CVE-2024-8297
was published
Aug 29, 2024
Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows...
Critical
Unreviewed
CVE-2024-38474
was published
Jul 1, 2024
In shouldRestrictOverlayActivities of UsbProfileGroupSettingsManager.java, there is a possible...
High
Unreviewed
CVE-2024-34739
was published
Aug 16, 2024
Windows App Installer Spoofing Vulnerability
High
Unreviewed
CVE-2024-38177
was published
Aug 13, 2024
IBM Aspera Orchestrator 4.0.1 is vulnerable to HTTP header injection, caused by improper...
Moderate
Unreviewed
CVE-2023-26289
was published
Jul 30, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.0.6...
Moderate
Unreviewed
CVE-2024-6329
was published
Aug 8, 2024
Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with...
High
Unreviewed
CVE-2024-38473
was published
Jul 1, 2024
ProTip!
Advisories are also available from the
GraphQL API