GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
108,886 advisories
Filter by severity
Use of implicit intent for sensitive communication vulnerability in startNameValidationActivity...
Moderate
Unreviewed
CVE-2023-42549
was published
Nov 13, 2023
A vulnerability classified as problematic was found in dstar2018 Agency up to 61. Affected by...
Moderate
Unreviewed
CVE-2019-25156
was published
Nov 13, 2023
Use of implicit intent for sensitive communication vulnerability in startSignIn in Samsung...
Moderate
Unreviewed
CVE-2023-42550
was published
Nov 13, 2023
UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message...
Moderate
Unreviewed
CVE-2023-47102
was published
Nov 13, 2023
An issue was discovered in dreamer_cms 4.1.3. There is a CSRF vulnerability that can delete a...
Moderate
Unreviewed
CVE-2023-48063
was published
Nov 13, 2023
DedeCMS v6.2 was discovered to contain a Cross-site Scripting (XSS) vulnerability via spec_add.php.
Moderate
Unreviewed
CVE-2023-48068
was published
Nov 13, 2023
A vulnerability, which was classified as problematic, was found in Maiwei Safety Production...
Moderate
Unreviewed
CVE-2023-6102
was published
Nov 13, 2023
A vulnerability, which was classified as problematic, has been found in Maiwei Safety Production...
Moderate
Unreviewed
CVE-2023-6101
was published
Nov 13, 2023
Improper Input Validation with USB Gadget Interface prior to SMR Nov-2023 Release 1 allows a...
Moderate
Unreviewed
CVE-2023-42533
was published
Nov 13, 2023
Improper input validation vulnerability in ChooserActivity prior to SMR Nov-2023 Release 1 allows...
Moderate
Unreviewed
CVE-2023-42534
was published
Nov 13, 2023
Use of implicit intent for sensitive communication vulnerability in startEmailValidationActivity...
Moderate
Unreviewed
CVE-2023-42547
was published
Nov 13, 2023
Use of implicit intent for sensitive communication vulnerability in startTncActivity in Samsung...
Moderate
Unreviewed
CVE-2023-42551
was published
Nov 13, 2023
A vulnerability classified as problematic was found in Maiwei Safety Production Control Platform...
Moderate
Unreviewed
CVE-2023-6100
was published
Nov 13, 2023
Use of implicit intent for sensitive communication vulnerability in startMandatoryCheckActivity...
Moderate
Unreviewed
CVE-2023-42548
was published
Nov 13, 2023
Use of implicit intent for sensitive communication vulnerability in...
Moderate
Unreviewed
CVE-2023-42546
was published
Nov 13, 2023
Unrestricted Upload of File with Dangerous Type in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Moderate
Unreviewed
CVE-2023-5901
was published
Nov 13, 2023
Improper input validation vulnerability in ProcessWriteFile of libsec-ril prior to SMR Nov-2023...
Moderate
Unreviewed
CVE-2023-42527
was published
Nov 13, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Moderate
Unreviewed
CVE-2023-5902
was published
Nov 13, 2023
An XSS vulnerability has been discovered in ICS Business Manager affecting version 7.06.0028.7066...
Moderate
Unreviewed
CVE-2023-6098
was published
Nov 13, 2023
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Moderate
Unreviewed
CVE-2023-5903
was published
Nov 13, 2023
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Moderate
Unreviewed
CVE-2023-5904
was published
Nov 13, 2023
The POWR plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'powr...
Moderate
Unreviewed
CVE-2023-5741
was published
Nov 13, 2023
The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate
Unreviewed
CVE-2023-4775
was published
Nov 13, 2023
An issue was discovered in Click Studios Passwordstate before 9811. Existing users (Security...
Moderate
Unreviewed
CVE-2023-47801
was published
Nov 13, 2023
Server-Side Request Forgery (SSRF) vulnerability in WPChill Download Monitor.This issue affects...
Moderate
Unreviewed
CVE-2023-31219
was published
Nov 13, 2023
ProTip!
Advisories are also available from the
GraphQL API