GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,731
NuGet
662
pip
3,407
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
124 advisories
Filter by severity
Visteon Infotainment VIP MCU Code Insufficient Validation of Data Authenticity Local Privilege...
High
Unreviewed
CVE-2024-8356
was published
Nov 23, 2024
VULNERABILITY DETAILS
Rockwell Automation used the latest versions of the CVSS scoring system to...
High
Unreviewed
CVE-2024-7847
was published
Oct 14, 2024
An issue was discovered in Technitium through 11.0.3. It enables attackers to conduct a DNS cache...
High
Unreviewed
CVE-2023-28457
was published
Sep 18, 2024
Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84...
High
Unreviewed
CVE-2024-7980
was published
Aug 21, 2024
Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84...
High
Unreviewed
CVE-2024-7979
was published
Aug 21, 2024
Windows Print Spooler Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-38198
was published
Aug 13, 2024
Insufficient data validation in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a...
High
Unreviewed
CVE-2024-7256
was published
Aug 1, 2024
Insufficient data validation in Updater in Google Chrome prior to 120.0.6099.62 allowed a remote...
High
Unreviewed
CVE-2024-3173
was published
Jul 17, 2024
Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions...
High
Unreviewed
CVE-2024-33687
was published
Jun 24, 2024
Invision Community through 4.7.16 allows remote code execution via the applications/core/modules...
High
Unreviewed
CVE-2024-30162
was published
Jun 7, 2024
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to...
High
Unreviewed
CVE-2024-3049
was published
Jun 6, 2024
NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability. This vulnerability...
High
Unreviewed
CVE-2023-27360
was published
May 3, 2024
Malformed Device Reset Locally command classes can be sent to temporarily deny service to an end...
High
Unreviewed
CVE-2024-3051
was published
Apr 27, 2024
Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful...
High
Unreviewed
CVE-2023-52109
was published
Jan 16, 2024
Bashis, a Security Researcher at IPVM has found a flaw that allows for a remote code execution...
High
Unreviewed
CVE-2023-5747
was published
Nov 13, 2023
Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote...
High
Unreviewed
CVE-2023-5482
was published
Nov 1, 2023
When the Node.js policy feature checks the integrity of a resource against a trusted manifest,...
High
Unreviewed
CVE-2023-38552
was published
Oct 18, 2023
An insufficient verification of data vulnerability exists in BIG-IP Edge Client Installer on...
High
Unreviewed
CVE-2023-5450
was published
Oct 10, 2023
In EVE OS, the “measured boot” mechanism prevents a compromised device from accessing
the...
High
Unreviewed
CVE-2023-43636
was published
Sep 20, 2023
A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated,...
High
Unreviewed
CVE-2023-20236
was published
Sep 13, 2023
Insufficient verification of data authenticity vulnerability in Delinea Secret Server, in its v10...
High
Unreviewed
CVE-2023-4589
was published
Sep 6, 2023
IBM Aspera Faspex 5.0.5 could allow a remote attacked to bypass IP restrictions due to improper...
High
Unreviewed
CVE-2023-35906
was published
Sep 5, 2023
RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to...
High
Unreviewed
CVE-2023-38831
was published
Aug 23, 2023
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of...
High
Unreviewed
CVE-2023-22955
was published
Aug 11, 2023
ProTip!
Advisories are also available from the
GraphQL API