Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

97,392 advisories

Loading
Certain WithSecure products allow a remote crash of a scanning engine via processing of a... High Unreviewed
CVE-2023-42521 was published Sep 18, 2023
Certain WithSecure products allow a remote crash of a scanning engine via processing of an import... High Unreviewed
CVE-2023-42522 was published Sep 18, 2023
Certain WithSecure products allow a remote crash of a scanning engine via decompression of... High Unreviewed
CVE-2023-42526 was published Sep 18, 2023
ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within... High Unreviewed
CVE-2023-41349 was published Sep 18, 2023
Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted... High Unreviewed
CVE-2023-42520 was published Sep 18, 2023
SUNNET WMPro portal's FAQ function has insufficient validation for user input. An... High Unreviewed
CVE-2023-35851 was published Sep 18, 2023
SUNNET WMPro portal's file management function has a vulnerability of insufficient filtering for... High Unreviewed
CVE-2023-35850 was published Sep 18, 2023
The Dropbox Folder Share plugin for WordPress is vulnerable to Server-Side Request Forgery in... High Unreviewed
CVE-2023-3025 was published Sep 16, 2023
A flaw was found in OpenStack. Multiple components show plain-text passwords in /var/log/messages... High Unreviewed
CVE-2022-3261 was published Sep 15, 2023
A flaw was found in the Network Observability plugin for OpenShift console. Unless the Loki... High Unreviewed
CVE-2023-0813 was published Sep 15, 2023
Buffer Overflow vulnerability in Control de Ciber version 1.650, in the printing function.... High Unreviewed
CVE-2022-48475 was published Sep 15, 2023
An issue was discovered in Bezeq Vtech NB403-IL version BZ_2.02.07.09.13.01 and Vtech IAD604-IL... High Unreviewed
CVE-2022-47848 was published Sep 15, 2023
SD ROM Utility, versions prior to 1.0.2.0 contain an Improper Access Control vulnerability. A... High Unreviewed
CVE-2023-3039 was published Sep 15, 2023
Control de Ciber, in its 1.650 version, is affected by a Denial of Service condition through the... High Unreviewed
CVE-2022-48474 was published Sep 15, 2023
Cyber Control, in its 1.650 version, is affected by a vulnerability in the generation on the... High Unreviewed
CVE-2022-4896 was published Sep 15, 2023
Incorrect Execution-Assigned Permissions vulnerability in Saphira Saphira Connect allows... High Unreviewed
CVE-2023-4665 was published Sep 15, 2023
An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. It has an unquoted service path... High Unreviewed
CVE-2023-36658 was published Sep 15, 2023
Race condition in Lapce v0.2.8 allows an attacker to elevate privileges on the system High Unreviewed
CVE-2023-3891 was published Sep 15, 2023
A SQL injection vulnerability in Didotech srl Engineering & Lifecycle Management (aka pdm) v.14.0... High Unreviewed
CVE-2023-40957 was published Sep 15, 2023
A SQL injection vulnerability in Cloudroits Website Job Search v.15.0 allows a remote... High Unreviewed
CVE-2023-40956 was published Sep 15, 2023
A SQL injection vulnerability in Didotech srl Engineering & Lifecycle Management (aka pdm) v.14.0... High Unreviewed
CVE-2023-40958 was published Sep 15, 2023
A SQL injection vulnerability in Didotech srl Engineering & Lifecycle Management (aka pdm) v.14.0... High Unreviewed
CVE-2023-40955 was published Sep 15, 2023
SQL injection vulnerability in Vtiger CRM v.7.5.0 allows a remote authenticated attacker to... High Unreviewed
CVE-2023-38891 was published Sep 15, 2023
Cross Site Request Forgery vulnerability in mooSocial MooSocial Software v.Demo allows a remote... High Unreviewed
CVE-2023-40868 was published Sep 15, 2023
Weak access control in Wing FTP Server (Admin Web Client) allows for privilege escalation.This... High Unreviewed
CVE-2023-37881 was published Sep 15, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database