GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
2,242 advisories
Component takeover in Oracle Data Provider for .NET
High | CVE-2023-21893 was published for Oracle.ManagedDataAccess (NuGet) | Jan 18, 2023

Ghost's improper authentication allows access to member information and actions
Moderate | CVE-2024-43409 was published for @tryghost/portal (npm) | Aug 20, 2024

Umbraco CMS Improper Access Control vulnerability
Moderate | CVE-2024-43377 was published for Umbraco.Cms (NuGet) | Aug 20, 2024

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security...
High | Unreviewed | CVE-2023-21846 was published | Jan 18, 2023

Vulnerability in the Oracle Mobile Field Service product of Oracle E-Business Suite (component:...
High | Unreviewed | CVE-2023-21853 was published | Jan 18, 2023

Vulnerability in the Oracle HCM Common Architecture product of Oracle E-Business Suite (component...
High | Unreviewed | CVE-2023-21857 was published | Jan 18, 2023

Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component:...
High | Unreviewed | CVE-2023-21850 was published | Jan 18, 2023

Vulnerability in the Oracle Applications DBA product of Oracle E-Business Suite (component: Java...
High | Unreviewed | CVE-2023-21849 was published | Jan 18, 2023

Vulnerability in the Oracle Learning Management product of Oracle E-Business Suite (component:...
High | Unreviewed | CVE-2023-21852 was published | Jan 18, 2023

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing...
High | Unreviewed | CVE-2023-21851 was published | Jan 18, 2023

Sangoma Technologies FreePBX before cdr 15.0.18, 16.0.40, 15.0.16, and 16.0.17 was discovered to...
High | Unreviewed | CVE-2023-43336 was published | Nov 2, 2023

Vulnerability in the Oracle Sales Offline product of Oracle E-Business Suite (component: Core...
High | Unreviewed | CVE-2023-21854 was published | Jan 18, 2023

Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and...
High | Unreviewed | CVE-2023-21828 was published | Jan 18, 2023

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security...
High | Unreviewed | CVE-2023-21832 was published | Jan 18, 2023

Karmasis informatics solutions Infraskope Security Event Manager product has an unauthenticated...
Moderate | Unreviewed | CVE-2022-24036 was published | Nov 16, 2022

Karmasis informatics solutions Infraskope Security Event Manager product has an unauthenticated...
High | Unreviewed | CVE-2022-24038 was published | Nov 18, 2022

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: Internal...
Moderate | Unreviewed | CVE-2023-21860 was published | Jan 18, 2023

Vulnerability in the Oracle Global Lifecycle Management NextGen OUI Framework product of Oracle...
High | Unreviewed | CVE-2023-21894 was published | Jan 18, 2023

Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications...
Moderate | Unreviewed | CVE-2023-21922 was published | Apr 18, 2023

Vulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial...
Moderate | Unreviewed | CVE-2023-21905 was published | Apr 18, 2023

Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications...
High | Unreviewed | CVE-2023-21923 was published | Apr 18, 2023

Mattermost Desktop App fails to safeguard screen capture functionality
Low | CVE-2024-39772 was published for mattermost-desktop (npm) | Sep 16, 2024

Improper access control in UEFI firmware for some Intel(R) Processors may allow a privileged user...
High | Unreviewed | CVE-2023-43626 was published | Sep 16, 2024

Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user...
Moderate | Unreviewed | CVE-2024-36247 was published | Sep 16, 2024

Improper access control in Intel(R) RAID Web Console software all versions may allow an...
Low | Unreviewed | CVE-2024-36261 was published | Sep 16, 2024

ProTip! Advisories are also available from the GraphQL API