GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
63 advisories
A vulnerability in Koji was found. An unsanitized input allows for an XSS attack. Javascript code...
Moderate | Unreviewed | CVE-2024-9427 was published Dec 24, 2024
A vulnerability in the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab...
Moderate | Unreviewed | CVE-2024-47224 was published Oct 21, 2024
Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS...
Moderate | Unreviewed | CVE-2024-47845 was published Oct 5, 2024
A Directory Traversal vulnerability in the Boa webserver of Vilo 5 Mesh WiFi System <= 5.16.1.33...
Moderate | Unreviewed | CVE-2024-40088 was published Oct 21, 2024
An issue was discovered in the Vector Skin component for MediaWiki before 1.39.5 and 1.40.x...
Moderate | Unreviewed | CVE-2023-45359 was published Oct 9, 2024
Docker Machine through 0.16.2 allows an attacker, who has control of a worker node, to provide...
Moderate | Unreviewed | CVE-2023-40453 was published Nov 14, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.14 before 15...
Moderate | Unreviewed | CVE-2023-2200 was published Jul 13, 2023
In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10,...
Moderate | Unreviewed | CVE-2023-36919 was published Jul 11, 2023
HTML and SMTP injections on the registration page of LiquidFiles versions 3.7.13 and below, allow...
Moderate | Unreviewed | CVE-2023-4393 was published Oct 30, 2023
A vulnerability was found in kitsada8621 Digital Library Management System 1.0. It has been...
Moderate | Unreviewed | CVE-2024-8297 was published Aug 29, 2024
IBM Aspera Orchestrator 4.0.1 is vulnerable to HTTP header injection, caused by improper...
Moderate | Unreviewed | CVE-2023-26289 was published Jul 30, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.0.6...
Moderate | Unreviewed | CVE-2024-6329 was published Aug 8, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to HTTP header...
Moderate | Unreviewed | CVE-2024-39736 was published Jul 15, 2024
Improper encoding or escaping of output in Wing FTP Server (User Web Client) allows Cross-Site...
Moderate | Unreviewed | CVE-2023-37875 was published Sep 14, 2023
RTX TRAP v1.0 was discovered to be vulnerable to host header poisoning.
Moderate | Unreviewed | CVE-2022-31458 was published Jul 25, 2023
When copying a network request from the developer tools panel as a curl command the output was...
Moderate | Unreviewed | CVE-2023-23599 was published Jun 2, 2023
A vulnerability exists in a FOXMAN-UN and UNEM logging component, it only affects systems that...
Moderate | Unreviewed | CVE-2023-1711 was published May 30, 2023
WebAssembly wat2wasm v1.0.32 allows attackers to cause a libc++abi.dylib crash by putting '@'...
Moderate | Unreviewed | CVE-2023-31669 was published May 23, 2023
In Counter-Strike: Global Offensive before 8/29/2019, community game servers can display unsafe...
Moderate | Unreviewed | CVE-2019-15944 was published May 24, 2022
An input validation issue affected WhatsApp Desktop versions prior to 0.3.3793 which allows...
Moderate | Unreviewed | CVE-2019-3571 was published May 24, 2022
A vulnerability classified as critical has been found in Sichuan Yougou Technology KuERP up to 1...
Moderate | Unreviewed | CVE-2024-0987 was published Jan 29, 2024
Sudo before 1.9.13 does not escape control characters in sudoreplay output.
Moderate | Unreviewed | CVE-2023-28487 was published Mar 16, 2023
Sudo before 1.9.13 does not escape control characters in log messages.
Moderate | Unreviewed | CVE-2023-28486 was published Mar 16, 2023
Sending specially crafted commands to a MongoDB Server may result in artificial log entries being...
Moderate | Unreviewed | CVE-2021-20333 was published May 24, 2022
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 does not...
Moderate | Unreviewed | CVE-2023-6005 was published Jan 16, 2024