Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,652
Erlang
34
GitHub Actions
26
Go
2,257
Maven
5,000+
npm
3,909
NuGet
704
pip
3,680
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

367 advisories

Loading
Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to... Low Unreviewed
CVE-2023-5274 was published Nov 30, 2023
Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to... Low Unreviewed
CVE-2023-5275 was published Nov 30, 2023
Improper Input Validation in Checkmk <2.2.0p15, <2.1.0p37, <=2.0.0p39 allows priviledged... Low Unreviewed
CVE-2023-23549 was published Nov 15, 2023
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow an... Low Unreviewed
CVE-2023-22329 was published Nov 14, 2023
Improper input validation for some Intel Unison software may allow an authenticated user to... Low Unreviewed
CVE-2022-45469 was published Nov 14, 2023
An issue has been discovered in GitLab EE with Advanced Search affecting all versions from 13.9... Low Unreviewed
CVE-2023-5963 was published Nov 6, 2023
Improper access control in Elenos ETG150 FM transmitter v3.12 allows attackers to make arbitrary... Low Unreviewed
CVE-2023-37833 was published Nov 1, 2023
An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior... Low Unreviewed
CVE-2023-3906 was published Sep 29, 2023
Silverstripe Framework: Members with no password can be created and bypass custom login forms Low
CVE-2023-32302 was published for silverstripe/framework (Composer) Jul 31, 2023
sabina-talipova bimthebam
maxime-rainville
Magento Open Source affected by Improper Input Validation Low
CVE-2023-29293 was published for magento/community-edition (Composer) Jun 15, 2023
A segmentation fault flaw was found in the Advancecomp package. This may lead to decreased... Low Unreviewed
CVE-2023-2961 was published Jun 6, 2023
In onCreatePreferences of EditInfoFragment.java, there is a possible way to read contacts... Low Unreviewed
CVE-2023-20932 was published Feb 28, 2023
Incorrect parsing of nameless cookies leads to __Host- cookies bypass Low
CVE-2023-23934 was published for Werkzeug (pip) Feb 15, 2023
lavish
IPython vulnerable to command injection via set_term_title Low
CVE-2023-24816 was published for ipython (pip) Feb 10, 2023
Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows... Low Unreviewed
CVE-2023-21428 was published Feb 9, 2023
Improper input validation in Bixby Vision prior to version 3.7.70.17 allows attacker to access... Low Unreviewed
CVE-2023-21431 was published Feb 9, 2023
Panic due to malformed WALs in go.etcd.io/etcd Low
CVE-2020-15106 was published for go.etcd.io/etcd (Go) Feb 7, 2023
Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory... Low Unreviewed
CVE-2023-20528 was published Jan 11, 2023
In multiple locations, there is a possible display crash loop due to improper input validation.... Low Unreviewed
CVE-2022-20543 was published Dec 19, 2022
An input validation vulnerability exists in Openshift Enterprise due to a 1:1 mapping of tenants... Low Unreviewed
CVE-2017-7517 was published Oct 17, 2022
When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using... Low Unreviewed
CVE-2022-35252 was published Sep 25, 2022
personnummer/dart vulnerable to Improper Input Validation Low
CVE-2023-22963 was published for personnummer (Pub) Sep 19, 2022
In Core Utilities, there is a possible way to craft a malformed Uri object due to improper input... Low Unreviewed
CVE-2022-20338 was published Aug 13, 2022
In Messaging, there is a possible way to attach a private file to an SMS message due to improper... Low Unreviewed
CVE-2022-20241 was published Aug 12, 2022
In JetBrains IntelliJ IDEA before 2022.2 email address validation in the "Git User Name Is Not... Low Unreviewed
CVE-2022-37010 was published Jul 29, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database