GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,915
Maven
5,000+
npm
3,646
NuGet
638
pip
3,262
Pub
10
RubyGems
870
Rust
821
Swift
35
Unreviewed advisories
All unreviewed
5,000+
10,614 advisories
An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an...
Moderate
Unreviewed
CVE-2022-48189 was published Oct 30, 2023
An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an...
Moderate
Unreviewed
CVE-2022-4574 was published Oct 30, 2023
Improper Input Validation in GitHub repository mintplex-labs/anything-llm prior to 0.1.0.
Critical
Unreviewed
CVE-2023-5832 was published Oct 30, 2023
An SMI handler input validation vulnerability in the ThinkPad X1 Fold Gen 1 could allow an...
Moderate
Unreviewed
CVE-2022-4573 was published Oct 30, 2023
In Messaging, there is a possible way to disable the messaging application due to improper input...
High
Unreviewed
CVE-2023-21391 was published Oct 30, 2023
Kubernetes privilege escalation vulnerability
High
CVE-2023-3955 was published for k8s.io/kubernetes (Go) Oct 31, 2023
Kubernetes privilege escalation vulnerability
High
CVE-2023-3676 was published for k8s.io/kubernetes (Go) Oct 31, 2023
Improper access control in Elenos ETG150 FM transmitter v3.12 allows attackers to make arbitrary...
Low
Unreviewed
CVE-2023-37833 was published Nov 1, 2023
Dolibarr Improper Input Validation vulnerability
High
CVE-2023-4197 was published for dolibarr/dolibarr (Composer) Nov 1, 2023
In TeleService, there is a possible system crash due to improper input validation. This could...
Moderate
Unreviewed
CVE-2022-48459 was published Nov 1, 2023
In TeleService, there is a possible system crash due to improper input validation. This could...
Moderate
Unreviewed
CVE-2022-48458 was published Nov 1, 2023
In TeleService, there is a possible system crash due to improper input validation. This could...
Moderate
Unreviewed
CVE-2022-48457 was published Nov 1, 2023
A vulnerability in the inter-device communication mechanisms between devices that are running...
High
Unreviewed
CVE-2023-20063 was published Nov 1, 2023
A vulnerability in an API of the Web Bridge feature of Cisco Meeting Server could allow an...
Moderate
Unreviewed
CVE-2023-20255 was published Nov 1, 2023
A vulnerability in the file download feature of Cisco Firepower Management Center (FMC) Software...
Moderate
Unreviewed
CVE-2023-20114 was published Nov 1, 2023
A vulnerability in the interaction between the Server Message Block (SMB) protocol preprocessor...
Moderate
Unreviewed
CVE-2023-20270 was published Nov 1, 2023
Insecure job execution mechanism vulnerability. This vulnerability can lead to other attacks as...
High
Unreviewed
CVE-2023-40061 was published Nov 1, 2023
SolarWinds Platform Incomplete List of Disallowed Inputs Remote Code Execution Vulnerability. If...
High
Unreviewed
CVE-2023-40062 was published Nov 1, 2023
Chunghwa Telecom NOKIA G-040W-Q Firewall function has a vulnerability of input validation for...
Critical
Unreviewed
CVE-2023-41355 was published Nov 3, 2023
Eclipse Parsson Denial of Service vulnerability
Moderate
CVE-2023-4043 was published for org.eclipse.parsson:project (Maven) Nov 3, 2023
Eclipse Glassfish remote code execution issue
Moderate
CVE-2023-5763 was published for org.glassfish.main.orb:orb-connector (Maven) Nov 3, 2023
Kubernetes csi-proxy vulnerable to privilege escalation due to improper input validation
High
CVE-2023-3893 was published for github.com/kubernetes-csi/csi-proxy (Go) Nov 3, 2023
The 1E-Exchange-DisplayMessage instruction that is part of the End-User Interaction product pack...
Critical
Unreviewed
CVE-2023-5964 was published Nov 6, 2023
An issue has been discovered in GitLab EE with Advanced Search affecting all versions from 13.9...
Low
Unreviewed
CVE-2023-5963 was published Nov 6, 2023
The 1E-Exchange-CommandLinePing instruction that is part of the Network product pack available...
Critical
Unreviewed
CVE-2023-45163 was published Nov 6, 2023
ProTip! Advisories are also available from the GraphQL API