Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

108,914 advisories

Loading
PDF-XChange Editor Net.HTTP.requests Exposed Dangerous Function Information Disclosure... Moderate Unreviewed
CVE-2023-39505 was published May 3, 2024
Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information... Moderate Unreviewed
CVE-2023-39472 was published May 3, 2024
Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2023-39467 was published May 3, 2024
Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability. This... Moderate Unreviewed
CVE-2023-39462 was published May 3, 2024
Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability. This... Moderate Unreviewed
CVE-2023-39479 was published May 3, 2024
PDF-XChange Editor readFileIntoStream Exposed Dangerous Function Information Disclosure... Moderate Unreviewed
CVE-2023-39495 was published May 3, 2024
Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs... Moderate Unreviewed
CVE-2023-39461 was published May 3, 2024
Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure... Moderate Unreviewed
CVE-2023-39482 was published May 3, 2024
Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass... Moderate Unreviewed
CVE-2023-39458 was published May 3, 2024
Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation... Moderate Unreviewed
CVE-2023-39480 was published May 3, 2024
Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure... Moderate Unreviewed
CVE-2023-39466 was published May 3, 2024
Softing Secure Integration Server Interpretation Conflict Remote Code Execution Vulnerability.... Moderate Unreviewed
CVE-2023-39481 was published May 3, 2024
Softing Secure Integration Server Exposure of Resource to Wrong Sphere Remote Code Execution... Moderate Unreviewed
CVE-2023-39478 was published May 3, 2024
D-Link DIR-3040 prog.cgi SetWan2Settings Stack-Based Buffer Overflow Remote Code Execution... Moderate Unreviewed
CVE-2023-41222 was published May 3, 2024
ASUS RT-AX92U lighttpd mod_webdav.so SQL Injection Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2023-35720 was published May 3, 2024
D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution... Moderate Unreviewed
CVE-2023-34276 was published May 3, 2024
NETGEAR RAX30 USB Share Link Following Information Disclosure Vulnerability. This vulnerability... Moderate Unreviewed
CVE-2023-34283 was published May 3, 2024
Unified Automation UaGateway OPC UA Server Improper Input Validation Denial-of-Service... Moderate Unreviewed
CVE-2023-32170 was published May 3, 2024
Unified Automation UaGateway OPC UA Server Null Pointer Dereference Denial-of-Service... Moderate Unreviewed
CVE-2023-32171 was published May 3, 2024
Unified Automation UaGateway OPC UA Server Use-After-Free Denial-of-Service Vulnerability. This... Moderate Unreviewed
CVE-2023-32172 was published May 3, 2024
NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability. This... Moderate Unreviewed
CVE-2023-34284 was published May 3, 2024
D-Link DIR-2150 GetFirmwareStatus Target Command Injection Remote Code Execution Vulnerability.... Moderate Unreviewed
CVE-2023-34281 was published May 3, 2024
D-Link DIR-2150 SetSysEmailSettings AccountName Command Injection Remote Code Execution... Moderate Unreviewed
CVE-2023-34277 was published May 3, 2024
D-Link DIR-2150 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution... Moderate Unreviewed
CVE-2023-34278 was published May 3, 2024
D-Link DIR-2150 GetDeviceSettings Target Command Injection Remote Code Execution Vulnerability.... Moderate Unreviewed
CVE-2023-34279 was published May 3, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database