GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
65 advisories
Inductive Automation Ignition OPC UA Quick Client Task Scheduling Exposed Dangerous Function...
High • Unreviewed • CVE-2023-38124 was published May 3, 2024

Kofax Power PDF exportAsText Exposed Dangerous Method Remote Code Execution Vulnerability. This...
High • Unreviewed • CVE-2023-37330 was published May 3, 2024

Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability....
High • Unreviewed • CVE-2023-27365 was published May 3, 2024

Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability....
High • Unreviewed • CVE-2023-27364 was published May 3, 2024

Foxit PDF Reader exportXFAData Exposed Dangerous Method Remote Code Execution Vulnerability. This...
High • Unreviewed • CVE-2023-27363 was published May 3, 2024

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.2 could allow a privileged user to...
Moderate • Unreviewed • CVE-2024-27261 was published Apr 12, 2024

A denial of service vulnerability exists in the TDDP functionality of Tp-Link AC1350 Wireless MU...
High • Unreviewed • CVE-2023-49074 was published Apr 9, 2024

Voltronic Power ViewPower Pro updateManagerPassword Exposed Dangerous Function Authentication...
Critical • Unreviewed • CVE-2023-51573 was published Apr 2, 2024

In JetBrains TeamCity before 2023.11 users with access to the agent machine might obtain...
Moderate • Unreviewed • CVE-2024-29880 was published Mar 21, 2024

LangChain Experimental vulnerable to arbitrary code execution
Critical • CVE-2024-27444 was published for langchain-experimental (pip) Feb 26, 2024

An attacker could potentially exploit this vulnerability, leading to the ability to modify files...
Critical • Unreviewed • CVE-2023-5389 was published Jan 30, 2024

Duplicate Advisory: Improper JWT Signature Validation in SAP Security Services Library
Critical • GHSA-gcgw-q47m-prvj was published for com.sap.cloud.security.xsuaa:spring-xsuaa (Maven) Dec 12, 2023 • withdrawn

Duplicate Advisory: Privilege escalation in sap-xssec
Critical • GHSA-p99h-pfg6-qrfg was published for sap-xssec (pip) Dec 12, 2023 • withdrawn

Duplicate Advisory: Privilege escalation in sap/cloud-security-client-go
Critical • GHSA-92cg-ghq6-9587 was published for github.com/sap/cloud-security-client-go (Go) Dec 12, 2023 • withdrawn

Escalation of privileges in @sap/xssec
Critical • CVE-2023-49583 was published for @sap/xssec (npm) Dec 12, 2023

In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an...
Critical • Unreviewed • CVE-2023-39226 was published Dec 1, 2023

When user authentication is not enabled the shell can execute commands with the highest...
Critical • Unreviewed • CVE-2023-40151 was published Nov 21, 2023

EisBaer Scada - CWE-749: Exposed Dangerous Method or Function
Critical • Unreviewed • CVE-2023-42494 was published Oct 25, 2023

cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to...
Critical • Unreviewed • CVE-2023-3656 was published Oct 3, 2023

cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to...
High • Unreviewed • CVE-2023-3655 was published Oct 3, 2023

The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This...
High • Unreviewed • CVE-2023-23845 was published Sep 14, 2023

The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This...
High • Unreviewed • CVE-2023-23840 was published Sep 14, 2023

The affected product does not perform an authentication check and performs some dangerous...
Critical • Unreviewed • CVE-2023-40150 was published Sep 11, 2023

Govee Home app has unprotected access to WebView component which can be opened by any app on the...
High • Unreviewed • CVE-2023-3612 was published Sep 11, 2023

Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated...
High • Unreviewed • CVE-2023-39214 was published Aug 9, 2023