Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,109
Maven
5,000+
npm
3,765
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
887
Swift
37
Unreviewed advisories
All unreviewed
5,000+

78 advisories

Loading
Duplicate Advisory: Privilege escalation in sap/cloud-security-client-go Critical
GHSA-92cg-ghq6-9587 was published for github.com/sap/cloud-security-client-go (Go) Dec 12, 2023 withdrawn
Duplicate Advisory: Privilege escalation in sap-xssec Critical
GHSA-p99h-pfg6-qrfg was published for sap-xssec (pip) Dec 12, 2023 withdrawn
Escalation of privileges in @sap/xssec Critical
CVE-2023-49583 was published for @sap/xssec (npm) Dec 12, 2023
leon-vg
In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an... Critical Unreviewed
CVE-2023-39226 was published Dec 1, 2023
When user authentication is not enabled the shell can execute commands with the highest... Critical Unreviewed
CVE-2023-40151 was published Nov 21, 2023
EisBaer Scada - CWE-749: Exposed Dangerous Method or Function Critical Unreviewed
CVE-2023-42494 was published Oct 25, 2023
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to... High Unreviewed
CVE-2023-3655 was published Oct 3, 2023
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to... Critical Unreviewed
CVE-2023-3656 was published Oct 3, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This... High Unreviewed
CVE-2023-23840 was published Sep 14, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This... High Unreviewed
CVE-2023-23845 was published Sep 14, 2023
?The affected product does not perform an authentication check and performs some dangerous... Critical Unreviewed
CVE-2023-40150 was published Sep 11, 2023
Govee Home app has unprotected access to WebView component which can be opened by any app on the... High Unreviewed
CVE-2023-3612 was published Sep 11, 2023
Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated... High Unreviewed
CVE-2023-39214 was published Aug 9, 2023
?In Keysight Geolocation Server v2.4.2 and prior, a low privileged attacker could create a... High Unreviewed
CVE-2023-36853 was published Jul 20, 2023
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050... Moderate Unreviewed
CVE-2023-33921 was published Jun 13, 2023
In JetBrains TeamCity before 2023.05 a specific endpoint was vulnerable to brute force attacks High Unreviewed
CVE-2023-34227 was published May 31, 2023
This vulnerability allows remote attackers to bypass authentication on affected installations of... Critical Unreviewed
CVE-2022-36983 was published Mar 29, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2022-37365 was published Mar 29, 2023
xwiki contains Exposed Dangerous Method or Function Moderate
CVE-2023-26478 was published for org.xwiki.platform:xwiki-platform-store-filesystem-oldcore (Maven) Mar 3, 2023
A user authorized to perform database queries may trigger denial of service by issuing specially... Moderate Unreviewed
CVE-2019-20923 was published May 24, 2022
This vulnerability allows remote attackers to write arbitrary files on affected installations of... High Unreviewed
CVE-2020-15623 was published May 24, 2022
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR... High Unreviewed
CVE-2019-18342 was published May 24, 2022
An RCE (Remote Code Execution) vulnerability exists in the UCS software through 6.0.0 used by... High Unreviewed
CVE-2019-12948 was published May 24, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 could allow an... Moderate Unreviewed
CVE-2019-4386 was published May 24, 2022
TIT-AL00 smartphones with software versions earlier before TIT-AL00C583B214 have a exposed system... High Unreviewed
CVE-2017-2735 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database