GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
755 advisories

Mattermost fails to enforce a limit for the size of the cache entry for OpenGraph data allowing...
High, Unreviewed. CVE-2023-5330 was published Oct 9, 2023

A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow...
High, Unreviewed. CVE-2023-20259 was published Oct 4, 2023

Transient DOS in WLAN Firmware while parsing a NAN management frame.
High, Unreviewed. CVE-2023-33026 was published Oct 3, 2023

A vulnerability in the networking component of Cisco access point (AP) software could allow an...
High, Unreviewed. CVE-2023-20176 was published Sep 27, 2023

A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a...
High, Unreviewed. CVE-2023-5157 was published Sep 27, 2023

Certain WithSecure products allow a remote crash of a scanning engine via unpacking of a PE file....
High, Unreviewed. CVE-2023-42523 was published Sep 18, 2023

Certain WithSecure products allow a remote crash of a scanning engine via processing of an import...
High, Unreviewed. CVE-2023-42522 was published Sep 18, 2023

Certain WithSecure products allow a remote crash of a scanning engine via processing of a...
High, Unreviewed. CVE-2023-42521 was published Sep 18, 2023

Certain WithSecure products allow a remote crash of a scanning engine via decompression of...
High, Unreviewed. CVE-2023-42526 was published Sep 18, 2023

Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted...
High, Unreviewed. CVE-2023-42520 was published Sep 18, 2023

Buffer Overflow vulnerability in Control de Ciber version 1.650, in the printing function....
High, Unreviewed. CVE-2022-48475 was published Sep 15, 2023

Control de Ciber, in its 1.650 version, is affected by a Denial of Service condition through the...
High, Unreviewed. CVE-2022-48474 was published Sep 15, 2023

Cyber Control, in its 1.650 version, is affected by a vulnerability in the generation on the...
High, Unreviewed. CVE-2022-4896 was published Sep 15, 2023

A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to...
High, Unreviewed. CVE-2023-29499 was published Sep 14, 2023

A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of...
High, Unreviewed. CVE-2023-32636 was published Sep 14, 2023

DHCP Server Service Denial of Service Vulnerability
High, Unreviewed. CVE-2023-38162 was published Sep 12, 2023

Windows TCP/IP Denial of Service Vulnerability
High, Unreviewed. CVE-2023-38149 was published Sep 12, 2023

Processing an incomplete post-handshake message for a QUIC connection can cause a panic.
High, Unreviewed. CVE-2023-39321 was published Sep 8, 2023

QUIC connections do not set an upper bound on the amount of data buffered when reading post...
High, Unreviewed. CVE-2023-39322 was published Sep 8, 2023

An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5,...
High, Unreviewed. CVE-2023-4647 was published Sep 1, 2023

A remote unprivileged attacker can send multiple packages to the LMS5xx to disrupt its...
High, Unreviewed. CVE-2023-4418 was published Aug 24, 2023

An adversary could crash the entire device by sending a large quantity of ICMP requests if the...
High, Unreviewed. CVE-2023-40709 was published Aug 24, 2023

An adversary could cause a continuous restart loop to the entire device by sending a large...
High, Unreviewed. CVE-2023-40710 was published Aug 24, 2023

memcached 1.6.7 allows a Denial of Service via multi-packet uploads in UDP.
High, Unreviewed. CVE-2022-48571 was published Aug 22, 2023

IBM WebSphere Application Server Liberty 22.0.0.13 through 23.0.0.7 is vulnerable to a denial of...
High, Unreviewed. CVE-2023-38737 was published Aug 16, 2023

ProTip! Advisories are also available from the GraphQL API