GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,909
Composer 4,270
Erlang 31
GitHub Actions 21
Go 2,044
Maven 5,228
npm 3,736
NuGet 663
pip 3,414
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,236

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

35 advisories

Filter by severity

Sort by

Least recently updated

Mattermost Improper Validation of Specified Type of Input vulnerability Moderate

CVE-2024-54083 was published for github.com/mattermost/mattermost/server/v8 (Go) Dec 16, 2024

An improper parsing vulnerability was reported in the FileZ client that could allow a crafted... High Unreviewed

CVE-2024-8058 was published Dec 16, 2024

Kubelet vulnerable to bypass of seccomp profile enforcement Moderate

CVE-2023-2431 was published for k8s.io/kubernetes (Go) Jun 16, 2023

Improper Input Validation vulnerability in ABB ASPECT-Enterprise on Linux, ABB NEXUS Series on... Critical Unreviewed

CVE-2024-6298 was published Jul 5, 2024

Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly... Critical Unreviewed

CVE-2024-51551 was published Dec 5, 2024

Credentials Disclosure vulnerabilities allow access to on board project back-up bundles. ... High Unreviewed

CVE-2024-51546 was published Dec 5, 2024

Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized... Critical Unreviewed

CVE-2024-51550 was published Dec 5, 2024

Moxa’s IP Cameras are affected by a medium-severity vulnerability, CVE-2024-9404, which could... Moderate Unreviewed

CVE-2024-9404 was published Dec 4, 2024

Improper Validation of Specified Type of Input vulnerability in Mitsubishi Electric Corporation... High Unreviewed

CVE-2024-8403 was published Nov 19, 2024

The Waybox Enel X web management application contains a PHP-type juggling vulnerability that may... Moderate Unreviewed

CVE-2023-29126 was published Nov 5, 2024

Improper validation of specified type of input for some Intel(R) PROSet/Wireless and Intel(R)... Moderate Unreviewed

CVE-2023-32651 was published Oct 29, 2024

A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA)... High Unreviewed

CVE-2024-20494 was published Oct 23, 2024

A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco Adaptive Security Appliance... High Unreviewed

CVE-2024-20408 was published Oct 23, 2024

A URL parameter during login flow was vulnerable to injection. An attacker could insert a... Moderate Unreviewed

CVE-2023-28799 was published Jun 22, 2023

An Improper Validation of Specified Type of Input vulnerability in the packet forwarding engine ... High Unreviewed

CVE-2024-47504 was published Oct 11, 2024

An issue has been discovered in GitLab EE affecting all versions starting before 16.4.4, all... Moderate Unreviewed

CVE-2023-3904 was published Dec 15, 2023

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16... High Unreviewed

CVE-2023-3900 was published Aug 2, 2023

An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior... Low Unreviewed

CVE-2023-3906 was published Sep 29, 2023

Denial of Service in pipelines affecting all versions of Gitlab EE and CE prior to 16.2.8, 16.3... High Unreviewed

CVE-2023-3917 was published Sep 29, 2023

An issue has been discovered in GitLab affecting all versions starting from 16.2.0. Committing... Moderate Unreviewed

CVE-2023-4522 was published Aug 30, 2023

Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple... Moderate Unreviewed

CVE-2023-2673 was published Jun 13, 2023

go.mongodb.org/mongo-driver improperly validates cstrings when marshalling Go objects into BSON Moderate

CVE-2021-20329 was published for go.mongodb.org/mongo-driver (Go) Jun 15, 2021

The MiCard PLUS Ci and MiCard PLUS BLE reader products developed by rf IDEAS and rebranded by NT... Moderate Unreviewed

CVE-2024-1578 was published Sep 16, 2024

In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub in the... High Unreviewed

CVE-2024-29946 was published Mar 27, 2024

ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and... Critical Unreviewed

CVE-2024-4879 was published Jul 10, 2024

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

35 advisories