GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
516 advisories
A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation...
High, Unreviewed. CVE-2023-3171 was published Dec 27, 2023.

A vulnerable API method in M-Files Server before 23.12.13195.0 allows for uncontrolled resource...
Moderate, Unreviewed. CVE-2023-6910 was published Dec 20, 2023.

A flaw was found in Undertow. When an AJP request is sent that exceeds the max-header-size...
High, Unreviewed. CVE-2023-5379 was published Dec 13, 2023.

An issue was discovered in Zammad before 6.2.0. Due to lack of rate limiting in the "email...
High, Unreviewed. CVE-2023-50455 was published Dec 10, 2023.

Under certain circumstances, invalid authentication credentials could be sent to the login...
High, Unreviewed. CVE-2023-4486 was published Dec 7, 2023.

An allocation of resources without limits or throttling vulnerability in the Schweitzer...
Moderate, Unreviewed. CVE-2023-34389 was published Nov 30, 2023.

A possibility of unwanted server memory consumption was detected through the obsolete...
Moderate, Unreviewed. CVE-2023-6117 was published Nov 22, 2023.

A vulnerability in a logging API in Cisco Firepower Management Center (FMC) Software could allow...
High, Unreviewed. CVE-2023-20155 was published Nov 1, 2023.

Pfsense CE version 2.6.0 is vulnerable to No rate limit which can lead to an attacker creating...
Moderate, Unreviewed. CVE-2023-29973 was published Oct 25, 2023.

An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in...
High, Unreviewed. CVE-2023-45862 was published Oct 14, 2023.

An Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos...
High, Unreviewed. CVE-2023-44191 was published Oct 13, 2023.

When TCP Verified Accept is enabled on a TCP profile that is configured on a Virtual Server,...
High, Unreviewed. CVE-2023-40542 was published Oct 10, 2023.

Mattermost fails to enforce a limit for the size of the cache entry for OpenGraph data allowing...
High, Unreviewed. CVE-2023-5330 was published Oct 9, 2023.

An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1...
High, Unreviewed. CVE-2023-45371 was published Oct 9, 2023.

RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of...
Moderate, Unreviewed. CVE-2023-5371 was published Oct 4, 2023.

A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate...
Moderate, Unreviewed. CVE-2023-3153 was published Oct 4, 2023.

Allocation of Resources Without Limits or Throttling vulnerability in Hitachi Ops Center Common...
High, Unreviewed. CVE-2023-3967 was published Oct 3, 2023.

In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that...
Moderate, Unreviewed. CVE-2023-0809 was published Oct 2, 2023.

A vulnerability in Cisco IOS XE Software for Cisco Catalyst 3650 and Catalyst 3850 Series...
High, Unreviewed. CVE-2023-20033 was published Sep 27, 2023.

As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port...
Critical, Unreviewed. CVE-2023-43632 was published Sep 21, 2023.

** UNSUPPORTED WHEN ASSIGNED ** Vulnerability in the RPCbind service running on UDP port (111),...
High, Unreviewed. CVE-2022-47562 was published Sep 20, 2023.

When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed...
High, Unreviewed. CVE-2023-38039 was published Sep 15, 2023.

When calling `JS::CheckRegExpSyntax` a Syntax Error could have been set which would end in...
Moderate, Unreviewed. CVE-2023-4578 was published Sep 11, 2023.

QUIC connections do not set an upper bound on the amount of data buffered when reading post...
High, Unreviewed. CVE-2023-39322 was published Sep 8, 2023.

An improper resource allocation vulnerability exists in the OAS Engine configuration management...
Moderate, Unreviewed. CVE-2023-34994 was published Sep 5, 2023.