GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
132 advisories
Filter by severity
The affected devices use publicly available default credentials with administrative privileges.
Critical
Unreviewed
CVE-2023-39169
was published
Dec 7, 2023
Unitronics Vision Series PLCs and HMIs use default administrative passwords. An unauthenticated...
Critical
Unreviewed
CVE-2023-6448
was published
Dec 5, 2023
An authentication bypass vulnerability exists in the CiRpcAccepted() functionality of SoftEther...
High
Unreviewed
CVE-2023-27516
was published
Oct 12, 2023
MTProto proxy remote code execution vulnerability
High
CVE-2023-45312
was published
for
mtproto_proxy
(Erlang)
Oct 10, 2023
On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances...
Moderate
Unreviewed
CVE-2023-5368
was published
Oct 4, 2023
The File Transfer Protocol (FTP) port is open by default in the SNAP PAC S1 Firmware version R10...
Moderate
Unreviewed
CVE-2023-40708
was published
Aug 24, 2023
ETIC Telecom RAS versions 4.7.0 and prior the web management portal authentication disabled by...
High
Unreviewed
CVE-2023-3453
was published
Aug 24, 2023
In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb...
High
Unreviewed
CVE-2023-35689
was published
Aug 15, 2023
Temporal Server vulnerable to Incorrect Authorization and Insecure Default Initialization of Resource
Low
CVE-2023-3485
was published
for
go.temporal.io/server
(Go)
Jun 30, 2023
Insecure Default Initialization In Liferay Portal
Moderate
CVE-2023-33949
was published
for
com.liferay.portal:release.portal.bom
(Maven)
May 24, 2023
User data exposure in Apache InLong
Moderate
CVE-2023-31101
was published
for
org.apache.inlong:manager-dao
(Maven)
May 22, 2023
Active Debug Code vulnerability in Mitsubishi Electric Corporation MELSEC WS Series WS0-GETH00200...
High
Unreviewed
CVE-2023-1618
was published
May 19, 2023
Apache superset missing check for default SECRET_KEY
High
CVE-2023-27524
was published
for
apache-superset
(pip)
Apr 24, 2023
An Insecure Default Initialization of Resource vulnerability in Juniper Networks Junos OS Evolved...
Moderate
Unreviewed
CVE-2023-28978
was published
Apr 18, 2023
In JetBrains IntelliJ IDEA before 2023.1 the bundled version of Chromium wasn't sandboxed.
High
Unreviewed
CVE-2022-48432
was published
Mar 29, 2023
In multiple products of CODESYS v3 in multiple versions a remote low privileged user could...
High
Unreviewed
CVE-2022-4224
was published
Mar 23, 2023
In JetBrains TeamCity before 2022.10.2 jVMTI was enabled by default on agents.
Critical
Unreviewed
CVE-2022-48342
was published
Feb 23, 2023
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation...
Moderate
Unreviewed
CVE-2022-47194
was published
Jan 19, 2023
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation...
Moderate
Unreviewed
CVE-2022-47196
was published
Jan 19, 2023
A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution...
High
Unreviewed
CVE-2022-2196
was published
Jan 9, 2023
In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to...
Moderate
Unreviewed
CVE-2022-20466
was published
Dec 13, 2022
A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve...
High
Unreviewed
CVE-2022-3262
was published
Dec 8, 2022
In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default...
Moderate
Unreviewed
CVE-2022-46831
was published
Dec 8, 2022
Insecure default variable initialization in BIOS firmware for some Intel(R) NUC Boards and Intel...
Moderate
Unreviewed
CVE-2022-36349
was published
Nov 11, 2022
Apache Isis webconsole module may directly query the database in prototype mode
Moderate
CVE-2022-42467
was published
for
org.apache.isis.core:isis-core
(Maven)
Oct 19, 2022
ProTip!
Advisories are also available from the
GraphQL API