GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,532 advisories
Filter by severity
Uncontrolled resource consumption in Zoom SDKs before 5.14.7 may allow an unauthenticated user to...
High
Unreviewed
CVE-2023-36533
was published
Aug 8, 2023
A
segmentation fault can occur in Brocade Fabric OS after Brocade Fabric
OS v9.0 and before...
Moderate
Unreviewed
CVE-2023-4162
was published
Aug 31, 2023
An issue was discovered in Technitium 11.0.2. There is a vulnerability (called BadDNS) in DNS...
High
Unreviewed
CVE-2023-28451
was published
Sep 18, 2024
Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify...
Moderate
Unreviewed
CVE-2024-8892
was published
Sep 18, 2024
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7,...
High
Unreviewed
CVE-2024-44169
was published
Sep 17, 2024
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS...
High
Unreviewed
CVE-2024-44160
was published
Sep 17, 2024
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in...
High
Unreviewed
CVE-2024-40841
was published
Sep 17, 2024
This issue was addressed through improved state management. This issue is fixed in iOS 18 and...
High
Unreviewed
CVE-2024-27874
was published
Sep 17, 2024
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High
Unreviewed
CVE-2023-21838
was published
Jan 18, 2023
In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service ...
Moderate
Unreviewed
CVE-2018-19881
was published
May 14, 2022
Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications...
Moderate
Unreviewed
CVE-2023-21925
was published
Apr 18, 2023
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High
Unreviewed
CVE-2023-21964
was published
Apr 18, 2023
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used...
Moderate
Unreviewed
CVE-2023-42669
was published
Nov 6, 2023
An unauthenticated denial of service vulnerability exists in the SMM v1, SMM v2, and FPC...
High
Unreviewed
CVE-2023-2992
was published
Jun 26, 2023
A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background...
Low
Unreviewed
CVE-2023-5870
was published
Dec 10, 2023
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The...
Moderate
Unreviewed
CVE-2024-33881
was published
Jun 24, 2024
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web...
High
Unreviewed
CVE-2023-21996
was published
Apr 18, 2023
Precor touchscreen console P62, P80, and P82 contains a default SSH public key in the...
High
Unreviewed
CVE-2023-49224
was published
Jun 7, 2024
An issue was discovered in Mbed TLS 3.5.1. There is persistent handshake denial if a client sends...
High
Unreviewed
CVE-2024-23744
was published
Jan 22, 2024
Drivers are not always robust to extremely large draw calls and in some cases this scenario could...
High
Unreviewed
CVE-2023-5724
was published
Oct 25, 2023
An adversary could cause a continuous restart loop to the entire device by sending a large...
High
Unreviewed
CVE-2023-40710
was published
Aug 24, 2023
An adversary could crash the entire device by sending a large quantity of ICMP requests if the...
High
Unreviewed
CVE-2023-40709
was published
Aug 24, 2023
An inconsistent user interface issue was addressed with improved state management. This issue is...
Moderate
Unreviewed
CVE-2023-40408
was published
Oct 25, 2023
DHCP Server Service Denial of Service Vulnerability
High
Unreviewed
CVE-2024-38236
was published
Sep 10, 2024
Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected...
Moderate
Unreviewed
CVE-2017-2681
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API