GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
316 advisories
Filter by severity
An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8,...
High
Unreviewed
CVE-2023-3922
was published
Sep 29, 2023
This vulnerability allows an already authenticated admin user to create a malicious payload that...
High
Unreviewed
CVE-2024-1882
was published
Mar 14, 2024
A low privileged remote attacker with write permissions can reconfigure the SNMP service due to...
High
Unreviewed
CVE-2024-43388
was published
Sep 10, 2024
Improper neutralization of active check command arguments in Checkmk < 2.1.0p32, < 2.0.0p38, < 2...
High
Unreviewed
CVE-2023-31209
was published
Aug 10, 2023
stitionai/devika main branch as of commit cdfb782b0e634b773b10963c8034dc9207ba1f9f is vulnerable...
High
Unreviewed
CVE-2024-6331
was published
Aug 4, 2024
An injection issue was addressed with improved input validation. This issue is fixed in macOS...
High
Unreviewed
CVE-2024-23268
was published
Mar 8, 2024
An injection issue was addressed with improved input validation. This issue is fixed in macOS...
High
Unreviewed
CVE-2024-23274
was published
Mar 8, 2024
DrayTek Vigor2960 1.3.1_Beta; Vigor3900 1.4.4_Beta; and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1...
High
Unreviewed
CVE-2020-8515
was published
May 24, 2022
modules/Users/models/Module.php in Vtiger CRM 7.5.0 allows a remote authenticated attacker to run...
High
Unreviewed
CVE-2023-46304
was published
Apr 30, 2024
By sending specific queries to the resolver, an attacker can cause named to crash.
High
Unreviewed
CVE-2022-3080
was published
Sep 22, 2022
Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when...
High
Unreviewed
CVE-2023-26130
was published
May 30, 2023
An SQL injection vulnerability exists in TapHome core HandleMessageUpdateDevicePropertiesRequest...
High
Unreviewed
CVE-2023-2760
was published
Jul 17, 2023
The eGain Web Email API 11+ allows spoofed messages because the fromName and message fields (to ...
High
Unreviewed
CVE-2019-17123
was published
May 24, 2022
A code injection vulnerability in Trellix ENS 10.7.0 April 2023 release and earlier, allowed a...
High
Unreviewed
CVE-2023-3665
was published
Oct 4, 2023
A vulnerability in input validation exists in curl <8.0 during communication using the TELNET...
High
Unreviewed
CVE-2023-27533
was published
Mar 30, 2023
Super Store Finder 3.7 and below is vulnerable to authenticated Arbitrary PHP Code Injection that...
High
Unreviewed
CVE-2023-43835
was published
Oct 2, 2023
Phpipam before v1.5.2 was discovered to contain a LDAP injection vulnerability via the dname...
High
Unreviewed
CVE-2023-41580
was published
Oct 2, 2023
CSV Injection vulnerability in GNOME time tracker version 3.0.2, allows local attackers to...
High
Unreviewed
CVE-2023-36250
was published
Sep 14, 2023
A vulnerability in RDPngFileUpload.dll, as used in the IRM Next Generation booking system, allows...
High
Unreviewed
CVE-2023-39424
was published
Sep 7, 2023
Mattermost fails to restrict which parameters' values it takes from the request during signup...
High
Unreviewed
CVE-2023-4478
was published
Aug 25, 2023
CSV Injection vulnerability in ChurchCRM version 4.2.0, allows remote attackers to execute...
High
Unreviewed
CVE-2020-28848
was published
Aug 11, 2023
Crypto wallets implementing the Lindell17 TSS protocol might allow an attacker to extract the...
High
Unreviewed
CVE-2023-33242
was published
Aug 10, 2023
An injection issue was addressed with improved input validation. This issue is fixed in macOS...
High
Unreviewed
CVE-2023-38609
was published
Jul 28, 2023
Improper Input Validation vulnerability in the ContentType parameter for attachments on...
High
Unreviewed
CVE-2023-38060
was published
Jul 24, 2023
In Progress OpenEdge OEM (OpenEdge Management) and OEE (OpenEdge Explorer) before 12.7, a remote...
High
Unreviewed
CVE-2023-34203
was published
Jun 23, 2023
ProTip!
Advisories are also available from the
GraphQL API