Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,626
Erlang
29
GitHub Actions
16
Go
1,698
Maven
4,936
npm
3,466
NuGet
601
pip
2,975
Pub
10
RubyGems
826
Rust
767
Swift
34
Unreviewed advisories
All unreviewed
5,000+

381 advisories

TypedArrays can be fallible and lacked proper exception handling. This could lead to abuse in... High Unreviewed
CVE-2023-6866 was published Dec 19, 2023
Unauthenticated Denial of Service in the octokit/webhooks library High
CVE-2023-50728 was published for @octokit/app (npm) Dec 16, 2023
An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows... High Unreviewed
CVE-2023-41151 was published Dec 14, 2023
There is a denial of service vulnerability in some ZTE mobile internet products. Due to... Moderate Unreviewed
CVE-2023-25644 was published Dec 14, 2023
Microweber missing standardized error handling mechanism Low
CVE-2023-6599 was published for microweber/microweber (Composer) Dec 8, 2023
Improper exception management vulnerability in Knox Guard prior to SMR Dec-2023 Release 1 allows... Moderate Unreviewed
CVE-2023-42559 was published Dec 5, 2023
Improper handling of insufficient permissions or privileges vulnerability in Samsung Data Store... Moderate Unreviewed
CVE-2023-42578 was published Dec 5, 2023
In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because... Critical Unreviewed
CVE-2023-47100 was published Dec 3, 2023
Elasticsearch Improper Handling of Exceptional Conditions Moderate
CVE-2023-46673 was published for org.elasticsearch:elasticsearch (Maven) Nov 22, 2023
Uncaught exception for some Intel Unison software may allow an authenticated user to potentially... High Unreviewed
CVE-2023-22292 was published Nov 14, 2023
Calico Typha denial of service vulnerability High
CVE-2023-41378 was published for github.com/projectcalico/calico (Go) Nov 6, 2023
A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct... Moderate Unreviewed
CVE-2023-5090 was published Nov 6, 2023
bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a ... Critical Unreviewed
CVE-2023-38406 was published Nov 6, 2023
Dell PowerScale OneFS 8.2.x, 9.0.0.x-9.5.0.x contains an improper handling of insufficient... Moderate Unreviewed
CVE-2023-43087 was published Nov 2, 2023
Directus crashes on invalid WebSocket message High
CVE-2023-45820 was published for directus (npm) Oct 19, 2023
nles
XNSoft Nconvert 7.136 has an Exception Handler Chain Corrupted via a crafted image file.... High Unreviewed
CVE-2023-43251 was published Oct 19, 2023
An Improper Handling of Exceptional Conditions vulnerability in AS PATH processing of Juniper... High Unreviewed
CVE-2023-44186 was published Oct 11, 2023
When IPSec is configured on a Virtual Server, undisclosed traffic can cause TMM to terminate.  ... High Unreviewed
CVE-2023-41085 was published Oct 10, 2023
Buffer Overflow vulnerability in baramundi software GmbH EMM Agent 23.1.50 and before allows an... Moderate Unreviewed
CVE-2023-37605 was published Oct 2, 2023
VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. High Unreviewed
CVE-2023-44488 was published Sep 30, 2023
Specific Cilium configurations vulnerable to DoS via Kubernetes annotations Low
CVE-2023-41332 was published for github.com/cilium/cilium (Go) Sep 27, 2023
g-linville sayboras
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows... Moderate Unreviewed
CVE-2023-3280 was published Sep 13, 2023
A lack of custom error pages vulnerability [CWE-756] in FortiPresence versions 1.2.0 through 1.2... Moderate Unreviewed
CVE-2023-27998 was published Sep 13, 2023
Apollo Router Unnamed "Subscription" operation results in Denial-of-Service Moderate
CVE-2023-41317 was published for apollo-router (Rust) Sep 7, 2023
nmoutschen abernix
o0Ignition0o BrynCooke peakematt jasonbarnett667 Geal
A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE)... High Unreviewed
CVE-2023-20243 was published Sep 6, 2023
ProTip! Advisories are also available from the GraphQL API