GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
807 advisories
Security vulnerability in Apache bRPC <1.5.0 on all platforms allows attackers to execute...
Critical
Unreviewed
CVE-2023-31039 was published Jul 6, 2023
Apache StreamPark Improper Input Validation vulnerability
Critical
CVE-2022-46365 was published for org.apache.streampark:streampark (Maven) Jul 6, 2023
White Rabbit Switch contains a vulnerability which makes it possible for an attacker to perform...
Critical
Unreviewed
CVE-2023-22581 was published Jul 6, 2023
Weak Configuration due to improper input validation in Modem while processing LTE security mode...
Critical
Unreviewed
CVE-2023-21631 was published Jul 4, 2023
Apache Airflow Hive Provider Beeline remote code execution with Principal
Critical
CVE-2023-35797 was published for apache-airflow-providers-apache-hive (pip) Jul 3, 2023
A improper input validation vulnerability exists in Ivanti Endpoint Manager 2022 and below that...
Critical
Unreviewed
CVE-2023-28324 was published Jul 1, 2023
Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication...
Critical
Unreviewed
CVE-2023-20105 was published Jun 28, 2023
Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication...
Critical
Unreviewed
CVE-2023-20192 was published Jun 28, 2023
XSS vulnerability from InstantPlay in Galaxy Store prior to version 4.5.49.8 allows attackers to...
Critical
Unreviewed
CVE-2023-21516 was published May 27, 2023
Ckan remote code execution and private information access via crafted resource ids
Critical
CVE-2023-32321 was published for ckan (pip) May 24, 2023
Apache Sling Commons JSON bundle vulnerable to Improper Input Validation
Critical
CVE-2022-47937 was published for org.apache.sling:org.apache.sling.commons.json (Maven) May 15, 2023
Insufficient input validation in the SMU may allow an attacker to corrupt SMU SRAM potentially...
Critical
Unreviewed
CVE-2021-46762 was published May 9, 2023
Insufficient input validation in the ASP (AMD Secure Processor) bootloader may allow an attacker...
Critical
Unreviewed
CVE-2021-46754 was published May 9, 2023
Insufficient validation of inputs in SVC_MAP_USER_STACK in the ASP (AMD Secure Processor)...
Critical
Unreviewed
CVE-2021-46756 was published May 9, 2023
Django bypasses validation when using one form field to upload multiple files
Critical
CVE-2023-31047 was published for Django (pip) May 7, 2023
Potential buffer overflow vulnerability in mm_Plmncoordination.c in Shannon baseband prior to SMR...
Critical
Unreviewed
CVE-2023-21504 was published May 4, 2023
Potential buffer overflow vulnerability in mm_LteInterRatManagement.c in Shannon baseband prior...
Critical
Unreviewed
CVE-2023-21503 was published May 4, 2023
Potential buffer overflow vulnerability in auth api in mm_Authentication.c in Shannon baseband...
Critical
Unreviewed
CVE-2023-21494 was published May 4, 2023
An issue was discovered in ONOS 2.5.1. An intent with a large port number shows the CORRUPT state...
Critical
Unreviewed
CVE-2022-29606 was published Apr 20, 2023
memory corruption in modem due to improper check while calculating size of serialized CoAP message
Critical
Unreviewed
CVE-2022-33211 was published Apr 13, 2023
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2 of 4).
Critical
Unreviewed
CVE-2023-26068 was published Apr 10, 2023
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 4 of 4).
Critical
Unreviewed
CVE-2023-26070 was published Apr 10, 2023
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 3 of 4).
Critical
Unreviewed
CVE-2023-26069 was published Apr 10, 2023
CairoSVG improperly processes SVG files loaded from external resources
Critical
CVE-2023-27586 was published for CairoSVG (pip) Mar 20, 2023
Apache Airflow Sqoop Provider Improper Input Validation vulnerability
Critical
CVE-2023-25693 was published for apache-airflow-providers-apache-sqoop (pip) Feb 24, 2023
ProTip! Advisories are also available from the GraphQL API.