Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

89 advisories

Loading
In appendEscapedSQLString of DatabaseUtils.java, there is a possible SQL injection due to unsafe... Moderate Unreviewed
CVE-2023-40121 was published Oct 27, 2023
In spring AMQP versions 1.0.0 to 2.4.16 and 3.0.0 to 3.0.9 , allowed list patterns for... Moderate Unreviewed
CVE-2023-34050 was published Oct 19, 2023
A vulnerability was found in spider-flow up to 0.5.0. It has been declared as critical. Affected... Moderate Unreviewed
CVE-2023-5016 was published Sep 17, 2023
A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue... Moderate Unreviewed
CVE-2023-32665 was published Sep 14, 2023
IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1... Moderate Unreviewed
CVE-2023-24971 was published Jul 31, 2023
In multiple functions of sta_iface.cpp, there is a possible out of bounds read due to unsafe... Moderate Unreviewed
CVE-2023-21209 was published Jun 28, 2023
In startWpsPinDisplayInternal of sta_iface.cpp, there is a possible out of bounds read due to... Moderate Unreviewed
CVE-2023-21205 was published Jun 28, 2023
In initiateVenueUrlAnqpQueryInternal of sta_iface.cpp, there is a possible out of bounds read due... Moderate Unreviewed
CVE-2023-21206 was published Jun 28, 2023
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0. It has been declared as problematic.... Moderate Unreviewed
CVE-2023-3234 was published Jun 14, 2023
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0 and classified as critical. This issue... Moderate Unreviewed
CVE-2023-3232 was published Jun 14, 2023
A vulnerability, which was classified as problematic, has been found in DataGear up to 4.5.1.... Moderate Unreviewed
CVE-2023-2042 was published Apr 14, 2023
Serialization of sensitive data in GitLab EE affecting all versions from 14.9 prior to 15.2.5, 15... Moderate Unreviewed
CVE-2022-3291 was published Oct 17, 2022
In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all... Moderate Unreviewed
CVE-2022-33947 was published Aug 5, 2022
In the keystore library, there is a possible prevention of access to system Settings due to... Moderate Unreviewed
CVE-2022-20195 was published Jun 16, 2022
Knowledge Management versions 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 allows a remote attacker with... Moderate Unreviewed
CVE-2021-21488 was published May 24, 2022
Trusty contains a vulnerability in all TAs whose deserializer does not reject messages with... Moderate Unreviewed
CVE-2021-34394 was published May 24, 2022
Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though... Moderate Unreviewed
CVE-2021-34393 was published May 24, 2022
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary... Moderate Unreviewed
CVE-2021-3040 was published May 24, 2022
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary... Moderate Unreviewed
CVE-2021-3035 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and... Moderate Unreviewed
CVE-2021-1413 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and... Moderate Unreviewed
CVE-2021-1415 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and... Moderate Unreviewed
CVE-2021-1414 was published May 24, 2022
Use of unsafe yaml load. Allows instantiation of arbitrary objects. The flaw itself is caused by... Moderate Unreviewed
CVE-2020-10289 was published May 24, 2022
The affected product is vulnerable to the handling of serialized data. The issue results from the... Moderate Unreviewed
CVE-2020-12000 was published May 24, 2022
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to send a specially crafted... Moderate Unreviewed
CVE-2020-4271 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database