GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
233 advisories
A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker...
Moderate, Unreviewed, CVE-2023-20170 was published Nov 1, 2023

A vulnerability in the ClearPass Policy Manager web-based management interface allows remote...
Moderate, Unreviewed, CVE-2023-43510 was published Oct 25, 2023

A command injection vulnerability exists in Trane XL824, XL850, XL1050, and Pivot thermostats...
Moderate, Unreviewed, CVE-2023-4212 was published Aug 22, 2023

A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230807. It...
Moderate, Unreviewed, CVE-2023-4414 was published Aug 18, 2023

A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent...
Moderate, Unreviewed, CVE-2023-20237 was published Aug 17, 2023

Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC...
Moderate, Unreviewed, CVE-2023-40293 was published Aug 14, 2023

A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230722 and...
Moderate, Unreviewed, CVE-2023-4120 was published Aug 3, 2023

Attackers with access to user accounts can inject arbitrary control characters to SIEVE mail...
Moderate, Unreviewed, CVE-2023-26430 was published Aug 2, 2023

Insufficient validation of untrusted input in Chromad in Google Chrome on ChromeOS prior to 115.0...
Moderate, Unreviewed, CVE-2023-3739 was published Aug 2, 2023

Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability when using...
Moderate, Unreviewed, CVE-2023-31429 was published Aug 1, 2023

An attacker having physical access to WDM can plug USB device to gain access and execute unwanted...
Moderate, Unreviewed, CVE-2022-46361 was published Jul 6, 2023

Post-authentication remote command injection vulnerabilities in Western Digital My Cloud OS 5...
Moderate, Unreviewed, CVE-2023-22815 was published Jul 1, 2023

Control characters were not removed when exporting user feedback content. This allowed attackers...
Moderate, Unreviewed, CVE-2023-26429 was published Jun 20, 2023

A vulnerability classified as problematic was found in Chengdu VEC40G 3.0. Affected by this...
Moderate, Unreviewed, CVE-2023-3206 was published Jun 12, 2023

An issue was discovered in Citadel through webcit-926. Meddler-in-the-middle attackers can...
Moderate, Unreviewed, CVE-2020-29547 was published May 29, 2023

A vulnerability was found in Caton Live up to 2023-04-26 and classified as critical. This issue...
Moderate, Unreviewed, CVE-2023-2682 was published May 12, 2023

An issue was discovered on GL.iNet devices before 3.216. There is an arbitrary file write in...
Moderate, Unreviewed, CVE-2023-31473 was published May 11, 2023

A vulnerability was found in Weaver E-Office 9.5 and classified as critical. Affected by this...
Moderate, Unreviewed, CVE-2023-2647 was published May 11, 2023

A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. It has been rated as...
Moderate, Unreviewed, CVE-2023-2378 was published Apr 28, 2023

A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. It has been declared as...
Moderate, Unreviewed, CVE-2023-2377 was published Apr 28, 2023

A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. It has been classified...
Moderate, Unreviewed, CVE-2023-2376 was published Apr 28, 2023

A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6 and classified as...
Moderate, Unreviewed, CVE-2023-2375 was published Apr 28, 2023

A vulnerability, which was classified as critical, was found in Ubiquiti EdgeRouter X up to 2.0.9...
Moderate, Unreviewed, CVE-2023-2373 was published Apr 28, 2023

A vulnerability has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6 and classified as...
Moderate, Unreviewed, CVE-2023-2374 was published Apr 28, 2023

Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary...
Moderate, Unreviewed, CVE-2022-37704 was published Apr 16, 2023
ProTip! Advisories are also available from the GraphQL API.