GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
100,254 advisories
Nothings stb 2.28 was discovered to contain a Null Pointer Dereference via the function...
Moderate
Unreviewed
CVE-2023-43898
was published
Oct 3, 2023
A cross-site scripting (XSS) vulnerability in the bpk-common/auth/login/index.html login portal...
Moderate
Unreviewed
CVE-2023-40519
was published
Oct 3, 2023
SSCMS 7.2.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the...
Moderate
Unreviewed
CVE-2023-43952
was published
Oct 3, 2023
SSCMS 7.2.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Column...
Moderate
Unreviewed
CVE-2023-43951
was published
Oct 3, 2023
SSCMS 7.2.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Content...
Moderate
Unreviewed
CVE-2023-43953
was published
Oct 3, 2023
A flaw was found in the Linux Kernel's memory management subsystem. A task exits and releases a...
Moderate
Unreviewed
CVE-2023-4732
was published
Oct 3, 2023
A local non-privileged user can make improper GPU processing operations to exploit a software...
Moderate
Unreviewed
CVE-2023-33200
was published
Oct 3, 2023
A local non-privileged user can make improper GPU processing operations to access a limited...
Moderate
Unreviewed
CVE-2023-34970
was published
Oct 3, 2023
This vulnerability could allow an attacker to store a malicious JavaScript payload in the login...
Moderate
Unreviewed
CVE-2023-3196
was published
Oct 3, 2023
This vulnerability could allow an attacker to store a malicious JavaScript payload in the...
Moderate
Unreviewed
CVE-2023-4564
was published
Oct 3, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Antsanchez Easy Cookie Law plugin <= 3.1...
Moderate
Unreviewed
CVE-2023-40198
was published
Oct 3, 2023
Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Product Attachment for WooCommerce...
Moderate
Unreviewed
CVE-2023-40212
was published
Oct 3, 2023
Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Fraud Prevention For Woocommerce...
Moderate
Unreviewed
CVE-2023-39159
was published
Oct 3, 2023
Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Banner Management For WooCommerce...
Moderate
Unreviewed
CVE-2023-39158
was published
Oct 3, 2023
Man in the Middle vulnerability, which could allow an attacker to intercept VNF (Virtual Network...
Moderate
Unreviewed
CVE-2023-4885
was published
Oct 3, 2023
JFrog Artifactory prior to version 7.66.0 is vulnerable to specific endpoint abuse with a...
Moderate
Unreviewed
CVE-2023-42508
was published
Oct 3, 2023
Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This...
Moderate
Unreviewed
CVE-2023-32792
was published
Oct 3, 2023
Authorization bypass vulnerability in UPV PEIX, affecting the component "pdf_curri_new.php"....
Moderate
Unreviewed
CVE-2023-2544
was published
Oct 3, 2023
A sensitive information exposure vulnerability was found in foreman. Contents of tomcat's server...
Moderate
Unreviewed
CVE-2023-4886
was published
Oct 3, 2023
Cross-Site Scripting (XSS) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability...
Moderate
Unreviewed
CVE-2023-32790
was published
Oct 3, 2023
Cross-Site Scripting vulnerability in BuddyBoss 2.2.9 version, which could allow a local...
Moderate
Unreviewed
CVE-2023-32670
was published
Oct 3, 2023
Authorization bypass vulnerability in BuddyBoss 2.2.9 version, the exploitation of which could...
Moderate
Unreviewed
CVE-2023-32669
was published
Oct 3, 2023
A stored XSS vulnerability has been found on BuddyBoss Platform affecting version 2.2.9. This...
Moderate
Unreviewed
CVE-2023-32671
was published
Oct 3, 2023
Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Pipes plugin <= 1.4.0 versions.
Moderate
Unreviewed
CVE-2023-40009
was published
Oct 3, 2023
Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This...
Moderate
Unreviewed
CVE-2023-32791
was published
Oct 3, 2023
ProTip! Advisories are also available from the GraphQL API.