Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,298
Erlang
31
GitHub Actions
21
Go
2,063
Maven
5,000+
npm
3,744
NuGet
668
pip
3,424
Pub
12
RubyGems
892
Rust
876
Swift
36
Unreviewed advisories
All unreviewed
5,000+

351 advisories

Loading
Arduino Create Agent Insufficient Verification of Data Authenticity vulnerability High
CVE-2023-43800 was published for github.com/arduino/arduino-create-agent (Go) Oct 18, 2023
giubby84
When the Node.js policy feature checks the integrity of a resource against a trusted manifest,... High Unreviewed
CVE-2023-38552 was published Oct 18, 2023
Insufficient Verification of Data Authenticity in Apache InLong Moderate
CVE-2023-43666 was published for org.apache.inlong:inlong (Maven) Oct 16, 2023
A insufficient verification of data authenticity vulnerability [CWE-345] in FortiAnalyzer version... Moderate Unreviewed
CVE-2023-42782 was published Oct 10, 2023
An insufficient verification of data vulnerability exists in BIG-IP Edge Client Installer on... High Unreviewed
CVE-2023-5450 was published Oct 10, 2023
A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between... Moderate Unreviewed
CVE-2023-5366 was published Oct 6, 2023
An issue has been discovered in GitLab affecting all versions starting from 11.2 before 16.2.8,... Moderate Unreviewed
CVE-2023-3920 was published Sep 29, 2023
Kubernetes users may update Pod labels to bypass network policy Moderate
CVE-2023-39347 was published for github.com/cilium/cilium (Go) Sep 26, 2023
odinuge nebril
Composer allows cache poisoning from other projects built on the same host High
CVE-2015-8371 was published for composer/composer (Composer) Sep 21, 2023
In EVE OS, the “measured boot” mechanism prevents a compromised device from accessing the... High Unreviewed
CVE-2023-43636 was published Sep 20, 2023
sidekiq Denial of Service vulnerability Moderate
CVE-2023-26141 was published for sidekiq (RubyGems) Sep 14, 2023
wwahammy kflavin
martingregoire
A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated,... High Unreviewed
CVE-2023-20236 was published Sep 13, 2023
Insufficient verification of data authenticity vulnerability in Delinea Secret Server, in its v10... High Unreviewed
CVE-2023-4589 was published Sep 6, 2023
ManageEngine ADSelfService Plus GINA Client Insufficient Verification of Data Authenticity... Moderate Unreviewed
CVE-2023-35719 was published Sep 6, 2023
IBM Aspera Faspex 5.0.5 could allow a remote attacked to bypass IP restrictions due to improper... High Unreviewed
CVE-2023-35906 was published Sep 5, 2023
RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to... High Unreviewed
CVE-2023-38831 was published Aug 23, 2023
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of... High Unreviewed
CVE-2023-22955 was published Aug 11, 2023
Insufficient verification of data authenticity in Zoom Desktop Client for Windows before 5.14.5... High Unreviewed
CVE-2023-36541 was published Aug 8, 2023
A vulnerability was found in EmpowerID up to 7.205.0.0. It has been rated as problematic. This... Low Unreviewed
CVE-2023-4177 was published Aug 6, 2023
In PHPJabbers Cleaning Business Software 1.0, lack of verification when changing an email address... Critical Unreviewed
CVE-2023-36139 was published Aug 4, 2023
In PHP Jabbers Class Scheduling System 1.0, lack of verification when changing an email address... Critical Unreviewed
CVE-2023-36134 was published Aug 4, 2023
A local user could edit the VideoEdge configuration file and interfere with VideoEdge operation. Moderate Unreviewed
CVE-2023-3749 was published Aug 3, 2023
In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity... High Unreviewed
CVE-2023-3663 was published Aug 3, 2023
An insufficient verification of data vulnerability exists in BIG-IP Edge Client for Windows and... Moderate Unreviewed
CVE-2023-36858 was published Aug 2, 2023
Insufficient data validation in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote... Moderate Unreviewed
CVE-2023-2314 was published Jul 29, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database