GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
24 advisories
Filter by severity
The UltimateAI plugin for WordPress is vulnerable to authentication bypass in all versions up to,...
Moderate
Unreviewed
CVE-2024-9104
was published
Oct 16, 2024
An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22...
Moderate
Unreviewed
CVE-2024-22023
was published
Apr 4, 2024
An unhandled edge case in the component _sanitizedPath of ZipArchive v2.5.4 allows attackers to...
Moderate
Unreviewed
CVE-2023-39136
was published
Aug 31, 2023
HashiCorpVault does not correctly validate OCSP responses
Moderate
CVE-2024-2660
was published
for
github.com/hashicorp/vault
(Go)
Apr 4, 2024
A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct...
Moderate
Unreviewed
CVE-2023-5090
was published
Nov 6, 2023
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All...
Moderate
Unreviewed
CVE-2024-37992
was published
Sep 10, 2024
CloudLink, versions 7.1.x and 8.x, contain an Improper check or handling of Exceptional...
Moderate
Unreviewed
CVE-2024-38482
was published
Aug 2, 2024
Unitronics Vision PLC – CWE-703: Improper Check or Handling of Exceptional Conditions may allow...
Moderate
Unreviewed
CVE-2024-38435
was published
Jul 21, 2024
IBM Security Verify Access 10.0.0.0 through 10.0.7.1, under certain configurations, could allow...
Moderate
Unreviewed
CVE-2024-31883
was published
Jun 27, 2024
Kubelet Incorrect Privilege Assignment
Moderate
CVE-2019-11245
was published
for
k8s.io/kubernetes/cmd/kubelet
(Go)
Apr 24, 2024
vitess allows users to create keyspaces that can deny access to already existing keyspaces
Moderate
CVE-2023-29194
was published
for
vitess.io/vitess
(Go)
Apr 11, 2023
An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding...
Moderate
Unreviewed
CVE-2024-21593
was published
Apr 12, 2024
An improper check or handling of exceptional conditions vulnerability [CWE-703] in Fortinet...
Moderate
Unreviewed
CVE-2024-26007
was published
May 14, 2024
An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding...
Moderate
Unreviewed
CVE-2023-44203
was published
Oct 13, 2023
An Improper Check or Handling of Exceptional Conditions vulnerability in the Layer-2 control...
Moderate
Unreviewed
CVE-2023-36849
was published
Jul 14, 2023
An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing on the...
Moderate
Unreviewed
CVE-2023-28970
was published
Apr 18, 2023
An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing of...
Moderate
Unreviewed
CVE-2023-28959
was published
Apr 18, 2023
A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive...
Moderate
Unreviewed
CVE-2022-20924
was published
Nov 16, 2022
An Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper DHCP Daemon ...
Moderate
Unreviewed
CVE-2023-36842
was published
Jan 12, 2024
Rust EVM erroneousle handles `record_external_operation` error return
Moderate
CVE-2024-21629
was published
for
evm
(Rust)
Jan 3, 2024
An improper handling of a malformed API answer packets to API clients in Bosch BT software...
Moderate
Unreviewed
CVE-2023-35867
was published
Dec 22, 2023
VTAdmin users that can create shards can deny access to other functions
Moderate
CVE-2023-29195
was published
for
vitess.io/vitess
(Go)
May 11, 2023
A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an...
Moderate
Unreviewed
CVE-2023-0004
was published
Apr 12, 2023
nadesiko3 allows remote attacker to inject invalid value to decodeURIComponent of nako3edit
Moderate
CVE-2022-41777
was published
for
nadesiko3
(npm)
Dec 5, 2022
ProTip!
Advisories are also available from the
GraphQL API