Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,152
Maven
5,000+
npm
3,818
NuGet
693
pip
3,492
Pub
12
RubyGems
902
Rust
901
Swift
38
Unreviewed advisories
All unreviewed
5,000+

364 advisories

Loading
ManageEngine ADSelfService Plus GINA Client Insufficient Verification of Data Authenticity... Moderate Unreviewed
CVE-2023-35719 was published Sep 6, 2023
IBM Aspera Faspex 5.0.5 could allow a remote attacked to bypass IP restrictions due to improper... High Unreviewed
CVE-2023-35906 was published Sep 5, 2023
RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to... High Unreviewed
CVE-2023-38831 was published Aug 23, 2023
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of... High Unreviewed
CVE-2023-22955 was published Aug 11, 2023
Insufficient verification of data authenticity in Zoom Desktop Client for Windows before 5.14.5... High Unreviewed
CVE-2023-36541 was published Aug 8, 2023
A vulnerability was found in EmpowerID up to 7.205.0.0. It has been rated as problematic. This... Low Unreviewed
CVE-2023-4177 was published Aug 6, 2023
In PHP Jabbers Class Scheduling System 1.0, lack of verification when changing an email address... Critical Unreviewed
CVE-2023-36134 was published Aug 4, 2023
In PHPJabbers Cleaning Business Software 1.0, lack of verification when changing an email address... Critical Unreviewed
CVE-2023-36139 was published Aug 4, 2023
A local user could edit the VideoEdge configuration file and interfere with VideoEdge operation. Moderate Unreviewed
CVE-2023-3749 was published Aug 3, 2023
In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity... High Unreviewed
CVE-2023-3663 was published Aug 3, 2023
An insufficient verification of data vulnerability exists in BIG-IP Edge Client for Windows and... Moderate Unreviewed
CVE-2023-36858 was published Aug 2, 2023
Insufficient data validation in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote... Moderate Unreviewed
CVE-2023-2314 was published Jul 29, 2023
Removal of e-Tugra root certificate High
CVE-2023-37920 was published for certifi (pip) Jul 25, 2023
crimsonknave
A GRE dataset file within Systems Manager can be tampered with and distributed to PCUs. Moderate Unreviewed
CVE-2023-30562 was published Jul 13, 2023
Controller may be loaded with malicious firmware which could enable remote code execution Critical Unreviewed
CVE-2023-25178 was published Jul 13, 2023
Pipelines do not validate child UIDs Low
CVE-2023-37264 was published for github.com/tektoncd/pipeline (Go) Jul 7, 2023
wlynch
The Hide My WP Ghost – Security Plugin plugin for WordPress is vulnerable to IP Address Spoofing... Moderate Unreviewed
CVE-2022-4537 was published Jul 6, 2023
Graylog vulnerable to insecure source port usage for DNS queries Low
CVE-2023-41045 was published for org.graylog2:graylog2-server (Maven) Jul 6, 2023
Iratxe001 borjam
In JetBrains IntelliJ IDEA before 2023.1 in some cases, Gradle and Maven projects could be... High Unreviewed
CVE-2022-48431 was published Jul 6, 2023
Rumpus - FTP server version 9.0.7.1 Improper Token Verification– vulnerability may allow... High Unreviewed
CVE-2022-46370 was published Jul 6, 2023
All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior’s web portal is... Critical Unreviewed
CVE-2022-3703 was published Jul 6, 2023
The CMS Commander plugin for WordPress is vulnerable to authorization bypass due to the use of an... Critical Unreviewed
CVE-2023-3325 was published Jun 20, 2023
The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to... High Unreviewed
CVE-2023-30759 was published Jun 19, 2023
Insufficient verification of data authenticity in Zoom for Windows clients before 5.14.0 may... High Unreviewed
CVE-2023-34113 was published Jun 13, 2023
The Brizy Page Builder plugin for WordPress is vulnerable to IP Address Spoofing in versions up... Moderate Unreviewed
CVE-2023-2897 was published Jun 9, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database