GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,030
Composer 4,303
Erlang 31
GitHub Actions 21
Go 2,071
Maven 5,246
npm 3,744
NuGet 669
pip 3,430
Pub 12
RubyGems 892
Rust 880
Swift 36

Unreviewed advisories

All unreviewed 240,584

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

271 advisories

Filter by severity

Sort by

Least recently updated

A insufficient verification of data authenticity vulnerability [CWE-345] in FortiAnalyzer version... Moderate Unreviewed

CVE-2023-42782 was published Oct 10, 2023

An insufficient verification of data vulnerability exists in BIG-IP Edge Client Installer on... High Unreviewed

CVE-2023-5450 was published Oct 10, 2023

A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between... Moderate Unreviewed

CVE-2023-5366 was published Oct 6, 2023

An issue has been discovered in GitLab affecting all versions starting from 11.2 before 16.2.8,... Moderate Unreviewed

CVE-2023-3920 was published Sep 29, 2023

In EVE OS, the “measured boot” mechanism prevents a compromised device from accessing the... High Unreviewed

CVE-2023-43636 was published Sep 20, 2023

A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated,... High Unreviewed

CVE-2023-20236 was published Sep 13, 2023

Insufficient verification of data authenticity vulnerability in Delinea Secret Server, in its v10... High Unreviewed

CVE-2023-4589 was published Sep 6, 2023

ManageEngine ADSelfService Plus GINA Client Insufficient Verification of Data Authenticity... Moderate Unreviewed

CVE-2023-35719 was published Sep 6, 2023

IBM Aspera Faspex 5.0.5 could allow a remote attacked to bypass IP restrictions due to improper... High Unreviewed

CVE-2023-35906 was published Sep 5, 2023

RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to... High Unreviewed

CVE-2023-38831 was published Aug 23, 2023

An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of... High Unreviewed

CVE-2023-22955 was published Aug 11, 2023

Insufficient verification of data authenticity in Zoom Desktop Client for Windows before 5.14.5... High Unreviewed

CVE-2023-36541 was published Aug 8, 2023

A vulnerability was found in EmpowerID up to 7.205.0.0. It has been rated as problematic. This... Low Unreviewed

CVE-2023-4177 was published Aug 6, 2023

In PHPJabbers Cleaning Business Software 1.0, lack of verification when changing an email address... Critical Unreviewed

CVE-2023-36139 was published Aug 4, 2023

In PHP Jabbers Class Scheduling System 1.0, lack of verification when changing an email address... Critical Unreviewed

CVE-2023-36134 was published Aug 4, 2023

A local user could edit the VideoEdge configuration file and interfere with VideoEdge operation. Moderate Unreviewed

CVE-2023-3749 was published Aug 3, 2023

In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity... High Unreviewed

CVE-2023-3663 was published Aug 3, 2023

An insufficient verification of data vulnerability exists in BIG-IP Edge Client for Windows and... Moderate Unreviewed

CVE-2023-36858 was published Aug 2, 2023

Insufficient data validation in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote... Moderate Unreviewed

CVE-2023-2314 was published Jul 29, 2023

A GRE dataset file within Systems Manager can be tampered with and distributed to PCUs. Moderate Unreviewed

CVE-2023-30562 was published Jul 13, 2023

Controller may be loaded with malicious firmware which could enable remote code execution Critical Unreviewed

CVE-2023-25178 was published Jul 13, 2023

The Hide My WP Ghost – Security Plugin plugin for WordPress is vulnerable to IP Address Spoofing... Moderate Unreviewed

CVE-2022-4537 was published Jul 6, 2023

In JetBrains IntelliJ IDEA before 2023.1 in some cases, Gradle and Maven projects could be... High Unreviewed

CVE-2022-48431 was published Jul 6, 2023

Rumpus - FTP server version 9.0.7.1 Improper Token Verification– vulnerability may allow... High Unreviewed

CVE-2022-46370 was published Jul 6, 2023

All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior’s web portal is... Critical Unreviewed

CVE-2022-3703 was published Jul 6, 2023

Previous 1 2 3 4 5 … 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

271 advisories