Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,998
Maven
5,000+
npm
3,710
NuGet
661
pip
3,364
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

114 advisories

Loading
Non-constant time nonce comparison in Jenkins Microsoft Entra ID (previously Azure AD) Plugin High
CVE-2023-41935 was published for org.jenkins-ci.plugins:azure-ad (Maven) Sep 6, 2023
Jenkins Google Login Plugin non-constant time token comparison High
CVE-2023-41936 was published for org.jenkins-ci.plugins:google-login (Maven) Sep 6, 2023
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed... Moderate Unreviewed
CVE-2023-23765 was published Aug 31, 2023
Apache NiFi Insufficient Property Validation vulnerability Moderate
CVE-2023-40037 was published for org.apache.nifi:nifi-dbcp-base (Maven) Aug 19, 2023
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed... High Unreviewed
CVE-2023-23764 was published Jul 27, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This... High Unreviewed
CVE-2023-33225 was published Jul 26, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This... High Unreviewed
CVE-2023-23843 was published Jul 26, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This... High Unreviewed
CVE-2023-23844 was published Jul 26, 2023
Experion server may experience a DoS due to a stack overflow when handling a specially crafted... High Unreviewed
CVE-2023-22435 was published Jul 13, 2023
A floating point exception vulnerability was found in sox, in the read_samples function at sox... Moderate Unreviewed
CVE-2023-32627 was published Jul 10, 2023
A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at... Moderate Unreviewed
CVE-2023-26590 was published Jul 10, 2023
Sentry CORS misconfiguration Moderate
CVE-2023-36829 was published for sentry (pip) Jul 6, 2023
andr0idp4r4n0id
Apache OpenMeetings insufficient authorization vulnerability Moderate
CVE-2023-28936 was published for org.apache.openmeetings:openmeetings-db (Maven) Jul 6, 2023
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed... Moderate Unreviewed
CVE-2023-23762 was published Jul 6, 2023
Dynamic Linq vulnerable to remote code execution Critical
CVE-2023-32571 was published for System.Linq.Dynamic.Core (NuGet) Jun 22, 2023
An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of paths installed by... Moderate Unreviewed
CVE-2022-29944 was published Apr 20, 2023
An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of flow rules installed... Moderate Unreviewed
CVE-2021-38364 was published Apr 20, 2023
This vulnerability allows network-adjacent attackers to bypass authentication on affected... High Unreviewed
CVE-2022-27645 was published Mar 29, 2023
This vulnerability allows network-adjacent attackers to bypass authentication on affected... High Unreviewed
CVE-2022-43621 was published Mar 29, 2023
TensorFlow has Floating Point Exception in AudioSpectrogram High
CVE-2023-25666 was published for tensorflow (pip) Mar 24, 2023
TensorFlow has Floating Point Exception in AvgPoolGrad with XLA High
CVE-2023-25669 was published for tensorflow (pip) Mar 24, 2023
TensorFlow has Floating Point Exception in TensorListSplit with XLA High
CVE-2023-25673 was published for tensorflow (pip) Mar 24, 2023
TensorFlow has Segfault in Bincount with XLA High
CVE-2023-25675 was published for tensorflow (pip) Mar 24, 2023
TensorFlow has Floating Point Exception in TFLite in conv kernel High
CVE-2023-27579 was published for tensorflow (pip) Mar 24, 2023
A type juggling vulnerability in the component /auth/fn.php of PlaySMS v1.4.5 and earlier allows... Critical Unreviewed
CVE-2022-47034 was published Feb 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database