Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

27 advisories

Loading
The Waybox Enel X web management application contains a PHP-type juggling vulnerability that may... Moderate Unreviewed
CVE-2023-29126 was published Nov 5, 2024
Improper validation of specified type of input for some Intel(R) PROSet/Wireless and Intel(R)... Moderate Unreviewed
CVE-2023-32651 was published Oct 29, 2024
A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco Adaptive Security Appliance... High Unreviewed
CVE-2024-20408 was published Oct 23, 2024
A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA)... High Unreviewed
CVE-2024-20494 was published Oct 23, 2024
An Improper Validation of Specified Type of Input vulnerability in the packet forwarding engine ... High Unreviewed
CVE-2024-47504 was published Oct 11, 2024
The MiCard PLUS Ci and MiCard PLUS BLE reader products developed by rf IDEAS and rebranded by NT... Moderate Unreviewed
CVE-2024-1578 was published Sep 16, 2024
Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.62 allowed a... Moderate Unreviewed
CVE-2024-3175 was published Jul 17, 2024
ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and... Critical Unreviewed
CVE-2024-4879 was published Jul 10, 2024
IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0... High Unreviewed
CVE-2023-47726 was published Jun 18, 2024
IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0... Moderate Unreviewed
CVE-2023-47727 was published May 2, 2024
An Improper Validation of Specified Type of Input vulnerability in Routing Protocol Daemon (RPD)... High Unreviewed
CVE-2024-30395 was published Apr 12, 2024
In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix SID attribute in a BGP... Moderate Unreviewed
CVE-2024-31948 was published Apr 7, 2024
In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub in the... High Unreviewed
CVE-2024-29946 was published Mar 27, 2024
An issue has been discovered in GitLab EE affecting all versions starting before 16.4.4, all... Moderate Unreviewed
CVE-2023-3904 was published Dec 15, 2023
Denial of Service in pipelines affecting all versions of Gitlab EE and CE prior to 16.2.8, 16.3... High Unreviewed
CVE-2023-3917 was published Sep 29, 2023
An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior... Low Unreviewed
CVE-2023-3906 was published Sep 29, 2023
An issue has been discovered in GitLab affecting all versions starting from 16.2.0. Committing... Moderate Unreviewed
CVE-2023-4522 was published Aug 30, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16... High Unreviewed
CVE-2023-3900 was published Aug 2, 2023
A URL parameter during login flow was vulnerable to injection. An attacker could insert a... Moderate Unreviewed
CVE-2023-28799 was published Jun 22, 2023
Kubelet vulnerable to bypass of seccomp profile enforcement Moderate
CVE-2023-2431 was published for k8s.io/kubernetes (Go) Jun 16, 2023
Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple... Moderate Unreviewed
CVE-2023-2673 was published Jun 13, 2023
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1),... High Unreviewed
CVE-2021-44694 was published Dec 13, 2022
A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0), SICAM PAS/PQS (All... High Unreviewed
CVE-2022-43723 was published Dec 13, 2022
phpCAS vulnerable to Service Hostname Discovery Exploitation High
CVE-2022-39369 was published for apereo/phpcas (Composer) Nov 1, 2022
Insufficient validation when decoding a Socket.IO packet Critical
CVE-2022-2421 was published for socket.io-parser (npm) Oct 26, 2022
darrachequesne kurt-r2c
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database