GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
149 advisories
A vulnerability in Koji was found. An unsanitized input allows for an XSS attack. Javascript code...
Moderate | Unreviewed | CVE-2024-9427 was published Dec 24, 2024

A vulnerability was found in Romain Bourdon Wampserver all versions (discovered in v3.2.3 and v3...
High | Unreviewed | CVE-2024-46547 was published Dec 9, 2024

In ArrayConcatVisitor of builtins-array.cc, there is a possible type confusion due to improper...
High | Unreviewed | CVE-2018-9433 was published Nov 20, 2024

Gradio before 4.20 allows credential leakage on Windows.
High | Unreviewed | CVE-2024-34510 was published May 5, 2024

A vulnerability in the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab...
Moderate | Unreviewed | CVE-2024-47224 was published Oct 21, 2024

Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow...
High | Unreviewed | CVE-2024-47549 was published Oct 25, 2024

Denial of Service (DoS) vulnerability in the DMS module. Successful exploitation of this...
High | Unreviewed | CVE-2023-52098 was published Jan 16, 2024

Vulnerability of parameters being not verified in the WMS module. Successful exploitation of this...
High | Unreviewed | CVE-2023-52102 was published Jan 16, 2024

Interactive Forms (IAF) in GX Software XperienCentral versions 10.33.1 until 10.35.0 was...
High | Unreviewed | CVE-2022-43713 was published Jul 26, 2023

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS...
Moderate | Unreviewed | CVE-2024-47845 was published Oct 5, 2024

A Directory Traversal vulnerability in the Boa webserver of Vilo 5 Mesh WiFi System <= 5.16.1.33...
Moderate | Unreviewed | CVE-2024-40088 was published Oct 21, 2024

Improper input validation for some Intel NUC BIOS firmware before version JY0070 may allow a...
High | Unreviewed | CVE-2023-28738 was published Jan 19, 2024

Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability...
High | Unreviewed | CVE-2022-36392 was published Aug 11, 2023

Docker Desktop before v4.34.3 allows RCE via unsanitized GitHub source link in Build view.
High | Unreviewed | CVE-2024-9348 was published Oct 16, 2024

Account users in Apache CloudStack by default are allowed to upload and register templates for...
High | Unreviewed | CVE-2024-45219 was published Oct 16, 2024

An issue was discovered in MISP before 2.4.176. app/Controller/Component/IndexFilterComponent.php...
Critical | Unreviewed | CVE-2023-48655 was published Nov 17, 2023

HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers...
High | Unreviewed | CVE-2023-45539 was published Nov 28, 2023

An unauthenticated local attacker can gain admin privileges by deploying a config file due to...
High | Unreviewed | CVE-2024-45271 was published Oct 15, 2024

Input verification vulnerability in the audio module. Successful exploitation of this...
High | Unreviewed | CVE-2023-39382 was published Aug 13, 2023

Input verification vulnerability in the storage module. Successful exploitation of this...
High | Unreviewed | CVE-2023-39381 was published Aug 13, 2023

Vulnerability of input parameter verification in certain APIs in the window management module....
High | Unreviewed | CVE-2023-39390 was published Aug 13, 2023

Vulnerability of input parameters being not strictly verified in the PMS module. Successful...
High | Unreviewed | CVE-2023-39386 was published Aug 13, 2023

An issue was discovered in the Vector Skin component for MediaWiki before 1.39.5 and 1.40.x...
Moderate | Unreviewed | CVE-2023-45359 was published Oct 9, 2024

Docker Machine through 0.16.2 allows an attacker, who has control of a worker node, to provide...
Moderate | Unreviewed | CVE-2023-40453 was published Nov 14, 2023

An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.14 before 15...
Moderate | Unreviewed | CVE-2023-2200 was published Jul 13, 2023

ProTip! Advisories are also available from the GraphQL API.