GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 2,000
Maven: 5,000+
npm: 3,711
NuGet: 661
pip: 3,383
Pub: 11
RubyGems: 885
Rust: 849
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
10,711 advisories
Improper Input Validation in vriteio/vrite
Moderate
CVE-2023-5571 was published for @vrite/sdk (npm) Oct 13, 2023
FactoryTalk Linx, in the Rockwell Automation PanelView Plus, allows an unauthenticated threat...
Critical
Unreviewed
CVE-2023-29464 was published Oct 13, 2023
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.10.0 and IBM...
Moderate
Unreviewed
CVE-2023-45176 was published Oct 14, 2023
An attacker who is logged into OTRS as an user with privileges to create and change customer user...
Moderate
Unreviewed
CVE-2023-5421 was published Oct 16, 2023
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is...
High
Unreviewed
CVE-2023-30987 was published Oct 16, 2023
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 and 11.5 is vulnerable to...
High
Unreviewed
CVE-2023-38720 was published Oct 16, 2023
IBM Db2 for Linux, UNIX, and Windows (includes Db2 Connect Server) 11.5 is vulnerable to a denial...
High
Unreviewed
CVE-2023-38740 was published Oct 17, 2023
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is...
High
Unreviewed
CVE-2023-38728 was published Oct 17, 2023
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of...
High
Unreviewed
CVE-2023-40372 was published Oct 17, 2023
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to...
High
Unreviewed
CVE-2023-30991 was published Oct 17, 2023
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of...
High
Unreviewed
CVE-2023-40374 was published Oct 17, 2023
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of...
High
Unreviewed
CVE-2023-40373 was published Oct 17, 2023
IBM Db2 11.5 could allow a local user with special privileges to cause a denial of service during...
Moderate
Unreviewed
CVE-2023-38719 was published Oct 17, 2023
IBM Security Verify Privilege On-Premises 11.5 could allow an attacker to modify messages...
Moderate
Unreviewed
CVE-2022-22384 was published Oct 17, 2023
IBM Security Verify Privilege On-Premise 11.5 could allow an authenticated user to obtain...
High
Unreviewed
CVE-2021-29913 was published Oct 17, 2023
Improper Input Validation vulnerability in Apache Traffic Server with malformed HTTP/2 frames...
High
Unreviewed
CVE-2023-39456 was published Oct 17, 2023
CSRF Token Reuse Vulnerability
Critical
CVE-2023-45128 was published for github.com/gofiber/fiber/v2 (Go) Oct 17, 2023
In dotCMS, versions mentioned, a flaw in the NormalizationFilter does not strip double slashes (/...
Moderate
Unreviewed
CVE-2023-3042 was published Oct 18, 2023
An Improper Input Validation vulnerability in Zscaler Client Connector on Linux allows Privilege...
Critical
Unreviewed
CVE-2023-28805 was published Oct 23, 2023
Multiple vulnerabilities in the Zscaler Client Connector Installer and Uninstaller for Windows...
High
Unreviewed
CVE-2021-26736 was published Oct 23, 2023
Ingress-nginx path sanitization can be bypassed
High
CVE-2022-4886 was published for k8s.io/ingress-nginx (Go) Oct 25, 2023
Ingress nginx annotation injection causes arbitrary command execution
High
CVE-2023-5043 was published for k8s.io/ingress-nginx (Go) Oct 25, 2023
Ingress-nginx code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation
High
CVE-2023-5044 was published for k8s.io/ingress-nginx (Go) Oct 25, 2023
Under certain conditions, Nessus Network Monitor was found to not properly enforce input...
High
Unreviewed
CVE-2023-5624 was published Oct 26, 2023
ProTip! Advisories are also available from the GraphQL API