Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,242 advisories

Loading
Component takeover in Oracle Data Provider for .NET High
CVE-2023-21893 was published for Oracle.ManagedDataAccess (NuGet) Jan 18, 2023
georg-jung alexkeh
Ghost's improper authentication allows access to member information and actions Moderate
CVE-2024-43409 was published for @tryghost/portal (npm) Aug 20, 2024
1337Nerd
Umbraco CMS Improper Access Control vulnerability Moderate
CVE-2024-43377 was published for Umbraco.Cms (NuGet) Aug 20, 2024
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security... High Unreviewed
CVE-2023-21846 was published Jan 18, 2023
Vulnerability in the Oracle Mobile Field Service product of Oracle E-Business Suite (component:... High Unreviewed
CVE-2023-21853 was published Jan 18, 2023
Vulnerability in the Oracle HCM Common Architecture product of Oracle E-Business Suite (component... High Unreviewed
CVE-2023-21857 was published Jan 18, 2023
Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component:... High Unreviewed
CVE-2023-21850 was published Jan 18, 2023
Vulnerability in the Oracle Applications DBA product of Oracle E-Business Suite (component: Java... High Unreviewed
CVE-2023-21849 was published Jan 18, 2023
Vulnerability in the Oracle Learning Management product of Oracle E-Business Suite (component:... High Unreviewed
CVE-2023-21852 was published Jan 18, 2023
Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing... High Unreviewed
CVE-2023-21851 was published Jan 18, 2023
Sangoma Technologies FreePBX before cdr 15.0.18, 16.0.40, 15.0.16, and 16.0.17 was discovered to... High Unreviewed
CVE-2023-43336 was published Nov 2, 2023
Vulnerability in the Oracle Sales Offline product of Oracle E-Business Suite (component: Core... High Unreviewed
CVE-2023-21854 was published Jan 18, 2023
Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and... High Unreviewed
CVE-2023-21828 was published Jan 18, 2023
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security... High Unreviewed
CVE-2023-21832 was published Jan 18, 2023
Karmasis informatics solutions Infraskope Security Event Manager product has an unauthenticated... Moderate Unreviewed
CVE-2022-24036 was published Nov 16, 2022
Karmasis informatics solutions Infraskope Security Event Manager product has an unauthenticated... High Unreviewed
CVE-2022-24038 was published Nov 18, 2022
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: Internal... Moderate Unreviewed
CVE-2023-21860 was published Jan 18, 2023
Vulnerability in the Oracle Global Lifecycle Management NextGen OUI Framework product of Oracle... High Unreviewed
CVE-2023-21894 was published Jan 18, 2023
Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications... Moderate Unreviewed
CVE-2023-21922 was published Apr 18, 2023
Vulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial... Moderate Unreviewed
CVE-2023-21905 was published Apr 18, 2023
Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications... High Unreviewed
CVE-2023-21923 was published Apr 18, 2023
Mattermost Desktop App fails to safeguard screen capture functionality Low
CVE-2024-39772 was published for mattermost-desktop (npm) Sep 16, 2024
Improper access control in UEFI firmware for some Intel(R) Processors may allow a privileged user... High Unreviewed
CVE-2023-43626 was published Sep 16, 2024
Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user... Moderate Unreviewed
CVE-2024-36247 was published Sep 16, 2024
Improper access control in Intel(R) RAID Web Console software all versions may allow an... Low Unreviewed
CVE-2024-36261 was published Sep 16, 2024
ProTip! Advisories are also available from the GraphQL API