GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
838 advisories
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an...
Critical, Unreviewed. CVE-2024-1374 was published Feb 13, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an...
Critical, Unreviewed. CVE-2024-1378 was published Feb 13, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an...
Critical, Unreviewed. CVE-2024-1372 was published Feb 13, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an...
Critical, Unreviewed. CVE-2024-1369 was published Feb 13, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an...
Critical, Unreviewed. CVE-2024-1359 was published Feb 13, 2024

Microsoft Outlook Remote Code Execution Vulnerability
Critical, Unreviewed. CVE-2024-21413 was published Feb 13, 2024

Django Template Engine Vulnerable to XSS
Critical. CVE-2024-22199 was published for github.com/gofiber/template/django/v3 (Go) Jan 11, 2024

Duplicate Advisory: NuGet Client Security Feature Bypass Vulnerability
Critical. GHSA-jw42-5m4v-9c8g was published for NuGet.CommandLine (NuGet) Jan 9, 2024 • withdrawn

A vulnerability has been identified in SIMATIC IPC1047E (All versions with maxView Storage...
Critical, Unreviewed. CVE-2023-51438 was published Jan 9, 2024

A security issue exists in D-Link D-View 8 v2.0.2.89 and prior that could allow an attacker to...
Critical, Unreviewed. CVE-2023-7163 was published Dec 28, 2023

Increasing the resolution of video frames, while performing a multi-threaded encode, can result...
Critical, Unreviewed. CVE-2023-6879 was published Dec 28, 2023

The Zabbix Agent 2 item key smart.disk.get does not sanitize its parameters before passing them...
Critical, Unreviewed. CVE-2023-32728 was published Dec 22, 2023

An unvalidated input in a library function responsible for communicating between secure and non...
Critical, Unreviewed. CVE-2023-4020 was published Dec 15, 2023

tj-actions/branch-names's Improper Sanitization of Branch Name Leads to Arbitrary Code Injection
Critical. CVE-2023-49291 was published for tj-actions/branch-names (GitHub Actions) Dec 5, 2023

An issue in RedisGraph v.2.12.10 allows an attacker to execute arbitrary code and cause a denial...
Critical, Unreviewed. CVE-2023-47003 was published Nov 16, 2023

Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM...
Critical, Unreviewed. CVE-2022-23820 was published Nov 14, 2023

The 1E-Exchange-DisplayMessage instruction that is part of the End-User Interaction product pack...
Critical, Unreviewed. CVE-2023-5964 was published Nov 6, 2023

The 1E-Exchange-URLResponseTime instruction that is part of the Network product pack available on...
Critical, Unreviewed. CVE-2023-45161 was published Nov 6, 2023

The 1E-Exchange-CommandLinePing instruction that is part of the Network product pack available...
Critical, Unreviewed. CVE-2023-45163 was published Nov 6, 2023

Chunghwa Telecom NOKIA G-040W-Q Firewall function has a vulnerability of input validation for...
Critical, Unreviewed. CVE-2023-41355 was published Nov 3, 2023

Improper Input Validation in GitHub repository mintplex-labs/anything-llm prior to 0.1.0.
Critical, Unreviewed. CVE-2023-5832 was published Oct 30, 2023

An Improper Input Validation vulnerability in Zscaler Client Connector on Linux allows Privilege...
Critical, Unreviewed. CVE-2023-28805 was published Oct 23, 2023

CSRF Token Reuse Vulnerability
Critical. CVE-2023-45128 was published for github.com/gofiber/fiber/v2 (Go) Oct 17, 2023

FactoryTalk Linx, in the Rockwell Automation PanelView Plus, allows an unauthenticated threat...
Critical, Unreviewed. CVE-2023-29464 was published Oct 13, 2023

Dell SmartFabric Storage Software version 1.3 and lower contain an improper input validation...
Critical, Unreviewed. CVE-2023-32485 was published Oct 5, 2023
ProTip! Advisories are also available from the GraphQL API