GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
10,757 advisories
Ingress-nginx path sanitization can be bypassed
High | CVE-2022-4886 was published for k8s.io/ingress-nginx (Go) | Oct 25, 2023

Ingress-nginx code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation
High | CVE-2023-5044 was published for k8s.io/ingress-nginx (Go) | Oct 25, 2023

Ingress nginx annotation injection causes arbitrary command execution
High | CVE-2023-5043 was published for k8s.io/ingress-nginx (Go) | Oct 25, 2023

Under certain conditions, Nessus Network Monitor was found to not properly enforce input...
High | Unreviewed | CVE-2023-5624 was published | Oct 26, 2023

Rockwell Automation FactoryTalk View Site Edition insufficiently validates user input, which...
High | Unreviewed | CVE-2023-46289 was published | Oct 27, 2023

A denial-of-service vulnerability was found in the firmware used in Lenovo printers, where users...
Moderate | Unreviewed | CVE-2022-3429 was published | Oct 27, 2023

HTML and SMTP injections on the registration page of LiquidFiles versions 3.7.13 and below, allow...
Moderate | Unreviewed | CVE-2023-4393 was published | Oct 30, 2023

Cross-site Scripting (XSS) vulnerability in BlueSpiceAvatars extension of BlueSpice allows logged...
Moderate | Unreviewed | CVE-2023-42431 was published | Oct 30, 2023

An SMI handler input validation vulnerability in the ThinkPad X1 Fold Gen 1 could allow an...
Moderate | Unreviewed | CVE-2022-4573 was published | Oct 30, 2023

An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an...
Moderate | Unreviewed | CVE-2022-4574 was published | Oct 30, 2023

Improper Input Validation in GitHub repository mintplex-labs/anything-llm prior to 0.1.0.
Critical | Unreviewed | CVE-2023-5832 was published | Oct 30, 2023

An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an...
Moderate | Unreviewed | CVE-2022-48189 was published | Oct 30, 2023

In Messaging, there is a possible way to disable the messaging application due to improper input...
High | Unreviewed | CVE-2023-21391 was published | Oct 30, 2023

Kubernetes privilege escalation vulnerability
High | CVE-2023-3676 was published for k8s.io/kubernetes (Go) | Oct 31, 2023

Kubernetes privilege escalation vulnerability
High | CVE-2023-3955 was published for k8s.io/kubernetes (Go) | Oct 31, 2023

Improper access control in Elenos ETG150 FM transmitter v3.12 allows attackers to make arbitrary...
Low | Unreviewed | CVE-2023-37833 was published | Nov 1, 2023

Dolibarr Improper Input Validation vulnerability
High | CVE-2023-4197 was published for dolibarr/dolibarr (Composer) | Nov 1, 2023

In TeleService, there is a possible system crash due to improper input validation. This could...
Moderate | Unreviewed | CVE-2022-48459 was published | Nov 1, 2023

In TeleService, there is a possible system crash due to improper input validation. This could...
Moderate | Unreviewed | CVE-2022-48457 was published | Nov 1, 2023

In TeleService, there is a possible system crash due to improper input validation. This could...
Moderate | Unreviewed | CVE-2022-48458 was published | Nov 1, 2023

A vulnerability in the inter-device communication mechanisms between devices that are running...
High | Unreviewed | CVE-2023-20063 was published | Nov 1, 2023

A vulnerability in the file download feature of Cisco Firepower Management Center (FMC) Software...
Moderate | Unreviewed | CVE-2023-20114 was published | Nov 1, 2023

Insecure job execution mechanism vulnerability. This vulnerability can lead to other attacks as...
High | Unreviewed | CVE-2023-40061 was published | Nov 1, 2023

A vulnerability in an API of the Web Bridge feature of Cisco Meeting Server could allow an...
Moderate | Unreviewed | CVE-2023-20255 was published | Nov 1, 2023

A vulnerability in the interaction between the Server Message Block (SMB) protocol preprocessor...
Moderate | Unreviewed | CVE-2023-20270 was published | Nov 1, 2023