Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,335
Erlang
31
GitHub Actions
22
Go
2,096
Maven
5,000+
npm
3,762
NuGet
678
pip
3,448
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

58 advisories

Loading
Controller DoS due to stack overflow when decoding a message from the server High Unreviewed
CVE-2023-24480 was published Jul 13, 2023
SAP Solution Manager (Diagnostics agent) - version 7.20, allows an attacker to tamper with... High Unreviewed
CVE-2023-36921 was published Jul 11, 2023
An attacker could have caused memory corruption and a potentially exploitable use-after-free of a... High Unreviewed
CVE-2023-29543 was published Jun 2, 2023
PDFZorro PDFZorro Online r20220428 using TCPDF 6.2.5, despite having workflows claiming to... High Unreviewed
CVE-2022-30351 was published Mar 30, 2023
The Web Client of Parallels Remote Application Server v18.0 is vulnerable to Host Header... High Unreviewed
CVE-2022-40870 was published Nov 23, 2022
In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can... High Unreviewed
CVE-2022-41322 was published Sep 25, 2022
The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass. A client can... High Unreviewed
CVE-2022-39957 was published Sep 21, 2022
The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass to sequentially... High Unreviewed
CVE-2022-39958 was published Sep 21, 2022
Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 does not property sanitize user-controlled... High Unreviewed
CVE-2022-28374 was published Jul 15, 2022
In motor-admin versions 0.0.1 through 0.2.56 are vulnerable to host header injection in the... High Unreviewed
CVE-2022-23079 was published Jun 23, 2022
Improper Encoding or Escaping in Gallagher Command Centre Server allows a Command Centre Operator... High Unreviewed
CVE-2021-23205 was published May 24, 2022
IBM Spectrum Scale 1.1.1.0 through 1.1.8.4 Transparent Cloud Tiering could allow a remote... High Unreviewed
CVE-2020-4850 was published May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to perform unauthorized... High Unreviewed
CVE-2021-20405 was published May 24, 2022
In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can... High Unreviewed
CVE-2020-35475 was published May 24, 2022
A remote code execution vulnerability is identified in FruityWifi through 2.4. Due to improperly... High Unreviewed
CVE-2020-24849 was published May 24, 2022
A flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes private... High Unreviewed
CVE-2020-25646 was published May 24, 2022
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x... High Unreviewed
CVE-2020-26116 was published May 24, 2022
Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD)... High Unreviewed
CVE-2019-12675 was published May 24, 2022
Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD)... High Unreviewed
CVE-2019-12674 was published May 24, 2022
LibreOffice documents can contain macros. The execution of those macros is controlled by the... High Unreviewed
CVE-2019-9853 was published May 24, 2022
An issue was discovered in SWIFT Alliance Web Platform 7.1.23. A log injection (and an arbitrary... High Unreviewed
CVE-2018-16386 was published May 24, 2022
Multiple functions in NetApp OnCommand System Manager before 8.3.2 do not properly escape special... High Unreviewed
CVE-2016-3063 was published May 17, 2022
The csv_log_html function in library/edihistory/edih_csv_inc.php in OpenEMR 5.0.0 and prior... High Unreviewed
CVE-2017-12064 was published May 13, 2022
contrib/completion/git-prompt.sh in Git before 1.9.3 does not sanitize branch names in the PS1... High Unreviewed
CVE-2014-9938 was published May 13, 2022
A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) version 8... High Unreviewed
CVE-2018-8609 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database