Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

10,772 advisories

Loading
Improper input validation for some some Intel(R) PROSet/Wireless WiFi software for Windows before... High Unreviewed
CVE-2023-38654 was published May 16, 2024
Improper input validation in some Intel(R) CBI software before version 1.1.0 may allow an... Low Unreviewed
CVE-2023-43745 was published May 16, 2024
Improper input validation of EpsdSrMgmtConfig in UEFI firmware for some Intel(R) Server Board... Moderate Unreviewed
CVE-2023-22662 was published May 16, 2024
Improper input validation in some Intel(R) BIOS Guard firmware may allow a privileged user to... High Unreviewed
CVE-2023-28402 was published May 16, 2024
Improper input validation for some Intel(R) PROSet/Wireless WiFi software before version 23.20... Moderate Unreviewed
CVE-2023-38417 was published May 16, 2024
Improper input validation in PlatformVariableInitDxe driver in UEFI firmware for some Intel(R)... High Unreviewed
CVE-2024-22095 was published May 16, 2024
Improper input validation for some Intel(R) PROSet/Wireless WiFi software for linux before... Moderate Unreviewed
CVE-2023-47210 was published May 16, 2024
Improper input validation in UserAuthenticationSmm driver in UEFI firmware for some Intel(R)... High Unreviewed
CVE-2024-23487 was published May 16, 2024
Improper input validation in some Intel(R) Neural Compressor software before version 2.5.0 may... Critical Unreviewed
CVE-2024-22476 was published May 16, 2024
Improper input validation for some Intel(R) DLB driver software before version 8.5.0 may allow an... Moderate Unreviewed
CVE-2024-22015 was published May 16, 2024
Improper input validation in firmware for some Intel(R) FPGA products before version 2.9.1 may... Moderate Unreviewed
CVE-2024-22390 was published May 16, 2024
Improper input validation in PprRequestLog module in UEFI firmware for some Intel(R) Server... High Unreviewed
CVE-2024-22382 was published May 16, 2024
Zabbix server can perform command execution for configured scripts. After command is executed,... Critical Unreviewed
CVE-2024-22120 was published May 17, 2024
Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious... High Unreviewed
CVE-2024-22429 was published May 17, 2024
A potential vulnerability has been identified for OpenText Operations Bridge Reporter. The... High Unreviewed
CVE-2021-22508 was published May 17, 2024
In mintplex-labs/anything-llm, a vulnerability exists due to improper input validation in the... High Unreviewed
CVE-2024-4287 was published May 20, 2024
Cloud Foundry Routing Improper Input Validation vulnerability High
CVE-2019-11289 was published for code.cloudfoundry.org/gorouter (Go) May 18, 2021
Improper use of metav1.Duration allows for Denial of Service Moderate
CVE-2022-39272 was published for github.com/fluxcd/flux2 (Go) Oct 19, 2022
codablock
github.com/openshift/apiserver-library-go Improper Input Validation vulnerability Moderate
CVE-2023-0229 was published for github.com/openshift/apiserver-library-go (Go) Jan 26, 2023
Kubernetes apimachinery packages vulnerable to unbounded recursion in JSON or YAML parsing High
GHSA-74fp-r6jw-h4mp was published for k8s.io/apimachinery (Go) Feb 8, 2023
vitess allows users to create keyspaces that can deny access to already existing keyspaces Moderate
CVE-2023-29194 was published for vitess.io/vitess (Go) Apr 11, 2023
AdamKorcz ajm188
A flaw was found in FreeIPA. This issue may allow a remote attacker to craft a HTTP request with... Moderate Unreviewed
CVE-2024-1481 was published Apr 10, 2024
OpenStack Identity (Keystone) Denial of Service Moderate
CVE-2013-2014 was published for keystone (pip) May 13, 2022
silverstripe/framework uploaded PHP script execution in assets Moderate
GHSA-f43j-8hq4-2xj9 was published for silverstripe/framework (Composer) May 27, 2024
silverstripe/framework has possible denial of service attack vector when flushing High
GHSA-cwgq-83w5-8jfq was published for silverstripe/framework (Composer) May 28, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database