Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

57 advisories

Loading
Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability.... High Unreviewed
CVE-2023-27364 was published May 3, 2024
Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability.... High Unreviewed
CVE-2023-27365 was published May 3, 2024
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.2 could allow a privileged user to... Moderate Unreviewed
CVE-2024-27261 was published Apr 12, 2024
A denial of service vulnerability exists in the TDDP functionality of Tp-Link AC1350 Wireless MU... High Unreviewed
CVE-2023-49074 was published Apr 9, 2024
Voltronic Power ViewPower Pro updateManagerPassword Exposed Dangerous Function Authentication... Critical Unreviewed
CVE-2023-51573 was published Apr 2, 2024
In JetBrains TeamCity before 2023.11 users with access to the agent machine might obtain... Moderate Unreviewed
CVE-2024-29880 was published Mar 21, 2024
LangChain Experimental vulnerable to arbitrary code execution Critical
CVE-2024-27444 was published for langchain-experimental (pip) Feb 26, 2024
An attacker could potentially exploit this vulnerability, leading to the ability to modify files... Critical Unreviewed
CVE-2023-5389 was published Jan 30, 2024
In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an... Critical Unreviewed
CVE-2023-39226 was published Dec 1, 2023
When user authentication is not enabled the shell can execute commands with the highest... Critical Unreviewed
CVE-2023-40151 was published Nov 21, 2023
EisBaer Scada - CWE-749: Exposed Dangerous Method or Function Critical Unreviewed
CVE-2023-42494 was published Oct 25, 2023
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to... High Unreviewed
CVE-2023-3655 was published Oct 3, 2023
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to... Critical Unreviewed
CVE-2023-3656 was published Oct 3, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This... High Unreviewed
CVE-2023-23845 was published Sep 14, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This... High Unreviewed
CVE-2023-23840 was published Sep 14, 2023
?The affected product does not perform an authentication check and performs some dangerous... Critical Unreviewed
CVE-2023-40150 was published Sep 11, 2023
Govee Home app has unprotected access to WebView component which can be opened by any app on the... High Unreviewed
CVE-2023-3612 was published Sep 11, 2023
?In Keysight Geolocation Server v2.4.2 and prior, a low privileged attacker could create a... High Unreviewed
CVE-2023-36853 was published Jul 20, 2023
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050... Moderate Unreviewed
CVE-2023-33921 was published Jun 13, 2023
In JetBrains TeamCity before 2023.05 a specific endpoint was vulnerable to brute force attacks High Unreviewed
CVE-2023-34227 was published May 31, 2023
This vulnerability allows remote attackers to bypass authentication on affected installations of... Critical Unreviewed
CVE-2022-36983 was published Mar 29, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2022-37365 was published Mar 29, 2023
xwiki contains Exposed Dangerous Method or Function Moderate
CVE-2023-26478 was published for org.xwiki.platform:xwiki-platform-store-filesystem-oldcore (Maven) Mar 3, 2023
A user authorized to perform database queries may trigger denial of service by issuing specially... Moderate Unreviewed
CVE-2019-20923 was published May 24, 2022
This vulnerability allows remote attackers to write arbitrary files on affected installations of... High Unreviewed
CVE-2020-15623 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API