Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

755 advisories

Loading
Mattermost fails to enforce a limit for the size of the cache entry for OpenGraph data allowing... High Unreviewed
CVE-2023-5330 was published Oct 9, 2023
A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow... High Unreviewed
CVE-2023-20259 was published Oct 4, 2023
Transient DOS in WLAN Firmware while parsing a NAN management frame. High Unreviewed
CVE-2023-33026 was published Oct 3, 2023
A vulnerability in the networking component of Cisco access point (AP) software could allow an... High Unreviewed
CVE-2023-20176 was published Sep 27, 2023
A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a... High Unreviewed
CVE-2023-5157 was published Sep 27, 2023
Certain WithSecure products allow a remote crash of a scanning engine via unpacking of a PE file.... High Unreviewed
CVE-2023-42523 was published Sep 18, 2023
Certain WithSecure products allow a remote crash of a scanning engine via processing of an import... High Unreviewed
CVE-2023-42522 was published Sep 18, 2023
Certain WithSecure products allow a remote crash of a scanning engine via processing of a... High Unreviewed
CVE-2023-42521 was published Sep 18, 2023
Certain WithSecure products allow a remote crash of a scanning engine via decompression of... High Unreviewed
CVE-2023-42526 was published Sep 18, 2023
Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted... High Unreviewed
CVE-2023-42520 was published Sep 18, 2023
Buffer Overflow vulnerability in Control de Ciber version 1.650, in the printing function.... High Unreviewed
CVE-2022-48475 was published Sep 15, 2023
Control de Ciber, in its 1.650 version, is affected by a Denial of Service condition through the... High Unreviewed
CVE-2022-48474 was published Sep 15, 2023
Cyber Control, in its 1.650 version, is affected by a vulnerability in the generation on the... High Unreviewed
CVE-2022-4896 was published Sep 15, 2023
A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to... High Unreviewed
CVE-2023-29499 was published Sep 14, 2023
A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of... High Unreviewed
CVE-2023-32636 was published Sep 14, 2023
DHCP Server Service Denial of Service Vulnerability High Unreviewed
CVE-2023-38162 was published Sep 12, 2023
Windows TCP/IP Denial of Service Vulnerability High Unreviewed
CVE-2023-38149 was published Sep 12, 2023
Processing an incomplete post-handshake message for a QUIC connection can cause a panic. High Unreviewed
CVE-2023-39321 was published Sep 8, 2023
QUIC connections do not set an upper bound on the amount of data buffered when reading post... High Unreviewed
CVE-2023-39322 was published Sep 8, 2023
An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5,... High Unreviewed
CVE-2023-4647 was published Sep 1, 2023
A remote unprivileged attacker can sent multiple packages to the LMS5xx to disrupt its... High Unreviewed
CVE-2023-4418 was published Aug 24, 2023
An adversary could crash the entire device by sending a large quantity of ICMP requests if the... High Unreviewed
CVE-2023-40709 was published Aug 24, 2023
An adversary could cause a continuous restart loop to the entire device by sending a large... High Unreviewed
CVE-2023-40710 was published Aug 24, 2023
memcached 1.6.7 allows a Denial of Service via multi-packet uploads in UDP. High Unreviewed
CVE-2022-48571 was published Aug 22, 2023
IBM WebSphere Application Server Liberty 22.0.0.13 through 23.0.0.7 is vulnerable to a denial of... High Unreviewed
CVE-2023-38737 was published Aug 16, 2023
ProTip! Advisories are also available from the GraphQL API