GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
90,148 advisories
ftpd before "NetBSD-ftpd 20230930" can leak information about the host filesystem before...
High | Unreviewed | CVE-2023-45198 was published Oct 5, 2023

An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of message...
High | Unreviewed | CVE-2023-26236 was published Oct 5, 2023

File Upload vulnerability in Digital China Networks DCFW-1800-SDC v.3.0 allows an authenticated...
High | Unreviewed | CVE-2023-43321 was published Oct 5, 2023

Kong Insomnia 2023.4.0 on macOS allows attackers to execute code and access restricted files, or...
High | Unreviewed | CVE-2023-40299 was published Oct 5, 2023

Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of OS...
High | Unreviewed | CVE-2023-36618 was published Oct 4, 2023

The issue was addressed with improved checks. This issue is fixed in iOS 17.0.3 and iPadOS 17.0.3...
High | Unreviewed | CVE-2023-42824 was published Oct 4, 2023

An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue...
High | Unreviewed | CVE-2023-39191 was published Oct 4, 2023

Sensitive information disclosure and manipulation due to missing authorization. The following...
High | Unreviewed | CVE-2023-44210 was published Oct 4, 2023

An arbitrary file upload vulnerability in Personal Management System v1.4.64 allows attackers to...
High | Unreviewed | CVE-2023-43838 was published Oct 4, 2023

A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow...
High | Unreviewed | CVE-2023-20259 was published Oct 4, 2023

A vulnerability in the on-device application development workflow feature for the Cisco IOx...
High | Unreviewed | CVE-2023-20235 was published Oct 4, 2023

Garuda Linux performs an insecure user creation and authentication that allows any user to...
High | Unreviewed | CVE-2021-3784 was published Oct 4, 2023

Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Dynamic Pricing and Discount Rules...
High | Unreviewed | CVE-2023-40559 was published Oct 4, 2023

Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Enhanced Ecommerce Google...
High | Unreviewed | CVE-2023-40561 was published Oct 4, 2023

A code injection vulnerability in Trellix ENS 10.7.0 April 2023 release and earlier, allowed a...
High | Unreviewed | CVE-2023-3665 was published Oct 4, 2023

Cross-Site Request Forgery (CSRF) vulnerability in YAS Global Team Make Paths Relative plugin <=...
High | Unreviewed | CVE-2023-27433 was published Oct 4, 2023

An improper access control flaw was found in Candlepin. An attacker can create data scoped under...
High | Unreviewed | CVE-2023-1832 was published Oct 4, 2023

Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-CopyProtect [Protect your blog...
High | Unreviewed | CVE-2023-25025 was published Oct 4, 2023

A vulnerability classified as critical has been found in SourceCodester Online Computer and...
High | Unreviewed | CVE-2023-5373 was published Oct 4, 2023

Aqua Drive, in its 2.4 version, is vulnerable to a relative path traversal vulnerability. By...
High | Unreviewed | CVE-2023-3701 was published Oct 4, 2023

Improper authorisation of regular users in ProIntegra Uptime DC software (versions below 2.0.0...
High | Unreviewed | CVE-2023-4997 was published Oct 4, 2023

Cross-Site Request Forgery (CSRF) vulnerability in CAGE Web Design | Rolf van Gelder Optimize...
High | Unreviewed | CVE-2023-25980 was published Oct 4, 2023

Cross-Site Request Forgery (CSRF) vulnerability in Saphali Saphali Woocommerce Lite plugin <= 1.8...
High | Unreviewed | CVE-2023-25788 was published Oct 4, 2023

Relative path traversal vulnerability in Setelsa Security's ConacWin CB, in its 3.8.2.2 version...
High | Unreviewed | CVE-2023-3512 was published Oct 4, 2023

Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-CopyProtect [Protect your blog...
High | Unreviewed | CVE-2023-37995 was published Oct 4, 2023
ProTip! Advisories are also available from the GraphQL API.