GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,763
Composer 4,750
Erlang 35
GitHub Actions 29
Go 2,323
Maven 5,608
npm 3,956
NuGet 712
pip 3,739
Pub 12
RubyGems 921
Rust 973
Swift 38

Unreviewed advisories

All unreviewed 258,320

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

66 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In InputMethod, there is a possible way to determine whether an app is installed, without query... High Unreviewed

CVE-2023-21337 was published Oct 30, 2023

In Slice, there is a possible disclosure of installed applications due to side channel... High Unreviewed

CVE-2023-21298 was published Oct 30, 2023

In Package Installer, there is a possible way to determine whether an app is installed, without... High Unreviewed

CVE-2023-21324 was published Oct 30, 2023

User enumeration is found in in PHPJabbers Appointment Scheduler 3.0. This issue occurs during... High Unreviewed

CVE-2023-36127 was published Oct 11, 2023

NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated... High Unreviewed

CVE-2023-25529 was published Sep 20, 2023

IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a... High Unreviewed

CVE-2023-33850 was published Aug 22, 2023

The Change WP Admin Login WordPress plugin before 1.1.4 discloses the URL of the hidden login... High Unreviewed

CVE-2023-3604 was published Aug 21, 2023

A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping... High Unreviewed

CVE-2023-3640 was published Jul 24, 2023

TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem... High Unreviewed

CVE-2023-34669 was published Jul 17, 2023

The sensitive information exposure vulnerability in the CGI “Export_Log” and the binary “zcmd” in... High Unreviewed

CVE-2023-28770 was published Jul 6, 2023

An issue was discovered in Ujcms v6.0.2 allows attackers to gain sensitive information via the... High Unreviewed

CVE-2023-34878 was published Jun 14, 2023

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to... High Unreviewed

CVE-2023-1707 was published Jun 13, 2023

IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based... High Unreviewed

CVE-2023-32342 was published May 31, 2023

Macrovideo v380pro v1.4.97 shares the device id and password when sharing the device. High Unreviewed

CVE-2023-33741 was published May 31, 2023

The multimedia video module has a vulnerability in data processing.Successful exploitation of... High Unreviewed

CVE-2023-1696 was published May 20, 2023

IBM Spectrum Virtualize 8.5, under certain circumstances, could disclose sensitive credential... High Unreviewed

CVE-2023-27870 was published May 11, 2023

SENAYAN Library Management System (SLiMS) Bulian v9.5.2 does not strip exif data from uploaded... High Unreviewed

CVE-2023-29850 was published Apr 14, 2023

An issue was discovered in MCUBO ICT through 10.12.4 (aka 6.0.2). An Observable Response... High Unreviewed

CVE-2023-26071 was published Mar 28, 2023

A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS.... High Unreviewed

CVE-2023-0361 was published Feb 15, 2023

TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for... High Unreviewed

CVE-2022-4499 was published Jan 11, 2023

** DISPUTED ** The AES instructions on the ARMv8 platform do not have an algorithm that is ... High Unreviewed

CVE-2022-48251 was published Jan 10, 2023

A vulnerability classified as problematic was found in Ziftr primecoin up to 0.8.4rc1. Affected... High Unreviewed

CVE-2013-10006 was published Jan 1, 2023

The MediaError message property should be consistent to avoid leaking information about cross... High Unreviewed

CVE-2022-34477 was published Dec 22, 2022

The Clerk WordPress plugin before 4.0.0 is affected by time-based attacks in the validation... High Unreviewed

CVE-2022-3907 was published Dec 5, 2022

Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to... High Unreviewed

CVE-2022-37459 was published Aug 18, 2022

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

66 advisories