Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,481
NuGet
605
pip
3,049
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+

186 advisories

An Improper Handling of Exceptional Conditions vulnerability in packet processing of Juniper... High Unreviewed
CVE-2023-36832 was published Jul 14, 2023
Vulnerability of failures to capture exceptions in the communication framework. Successful... High Unreviewed
CVE-2023-1695 was published Jul 6, 2023
In Progress MOVEit Transfer before 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022... High Unreviewed
CVE-2023-36933 was published Jul 5, 2023
In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to... High Unreviewed
CVE-2023-20692 was published Jul 4, 2023
On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent... High Unreviewed
CVE-2023-24510 was published Jun 6, 2023
An issue was discovered in Exynos Mobile Processor and Modem for Exynos Modem 5123, Exynos Modem... High Unreviewed
CVE-2023-29092 was published May 9, 2023
Tooljet v1.6 does not properly handle missing values in the API, allowing attackers to... High Unreviewed
CVE-2022-27978 was published Apr 26, 2023
No exception handling vulnerability which revealed sensitive or excessive information to users. High Unreviewed
CVE-2023-23837 was published Apr 25, 2023
NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware,... High Unreviewed
CVE-2023-0204 was published Apr 22, 2023
An issue was discovered in ONOS 2.5.1. In IntentManager, the install-requested intent (which... High Unreviewed
CVE-2021-38363 was published Apr 20, 2023
A potential memory vulnerability due to insufficient input validation in PDFXEditCore.x64.dll in... High Unreviewed
CVE-2023-24308 was published Mar 28, 2023
In multiple functions of SnoozeHelper.java, there is a possible failure to persist settings due... High Unreviewed
CVE-2023-20993 was published Mar 24, 2023
A vulnerability in class-of-service (CoS) queue management in Juniper Networks Junos OS on the... High Unreviewed
CVE-2023-22391 was published Jan 13, 2023
An improper handling of exceptional conditions vulnerability in Trend Micro Apex One and Apex One... High Unreviewed
CVE-2022-44652 was published Dec 12, 2022
go-merkledag's ProtoNode may be modified such that common method calls may panic High
CVE-2022-23495 was published for github.com/ipfs/go-merkledag (Go) Dec 8, 2022
mrd0ll4r
Yauaa vulnerable to ArrayIndexOutOfBoundsException triggered by a crafted Sec-Ch-Ua-Full-Version-List High
CVE-2022-23496 was published for nl.basjes.parse.useragent:yauaa (Maven) Dec 8, 2022
Redmine 5.x before 5.0.4 allows downloading of file attachments of any Issue or any Wiki page due... High Unreviewed
CVE-2022-44030 was published Dec 7, 2022
A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC)... High Unreviewed
CVE-2022-20854 was published Nov 16, 2022
A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel... High Unreviewed
CVE-2022-35268 was published Oct 25, 2022
A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could... High Unreviewed
CVE-2022-20920 was published Oct 11, 2022
Traefik HTTP/2 connections management could cause a denial of service High
CVE-2022-39271 was published for github.com/traefik/traefik/v2 (Go) Oct 10, 2022
A maliciously crafted PDF file when parsed through Autodesk AutoCAD 2023 causes an unhandled... High Unreviewed
CVE-2022-33887 was published Oct 4, 2022
A maliciously crafted MODEL and SLDPRT file can be used to write beyond the allocated buffer... High Unreviewed
CVE-2022-33886 was published Oct 4, 2022
A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are... High Unreviewed
CVE-2022-20919 was published Oct 1, 2022
** UNSUPPORTED WHEN ASSIGNED ** sys/netinet/tcp_timer.h in FreeBSD before 7.0 contains a denial... High Unreviewed
CVE-2022-32264 was published Sep 7, 2022
ProTip! Advisories are also available from the GraphQL API