GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,090
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
108,947 advisories
An issue was discovered in dreamer_cms 4.1.3. There is a CSRF vulnerability that can delete a...
Moderate | Unreviewed | CVE-2023-48063 was published Nov 13, 2023
Improper input validation vulnerability in ProcessWriteFile of libsec-ril prior to SMR Nov-2023...
Moderate | Unreviewed | CVE-2023-42527 was published Nov 13, 2023
Unrestricted Upload of File with Dangerous Type in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Moderate | Unreviewed | CVE-2023-5901 was published Nov 13, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Moderate | Unreviewed | CVE-2023-5902 was published Nov 13, 2023
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Moderate | Unreviewed | CVE-2023-5904 was published Nov 13, 2023
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Moderate | Unreviewed | CVE-2023-5903 was published Nov 13, 2023
An XSS vulnerability has been discovered in ICS Business Manager affecting version 7.06.0028.7066...
Moderate | Unreviewed | CVE-2023-6098 was published Nov 13, 2023
An issue was discovered in Click Studios Passwordstate before 9811. Existing users (Security...
Moderate | Unreviewed | CVE-2023-47801 was published Nov 13, 2023
The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate | Unreviewed | CVE-2023-4775 was published Nov 13, 2023
The POWR plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'powr...
Moderate | Unreviewed | CVE-2023-5741 was published Nov 13, 2023
IBM CICS TX Advanced 10.1 is vulnerable to cross-site scripting. This vulnerability allows users...
Moderate | Unreviewed | CVE-2023-38364 was published Nov 13, 2023
[PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to ...
Moderate | Unreviewed | CVE-2023-38363 was published Nov 13, 2023
Cross-Site Request Forgery (CSRF) vulnerability in BRANDbrilliance Post State Tags plugin <= 2.0...
Moderate | Unreviewed | CVE-2023-32588 was published Nov 13, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs User Profile Builder – Beautiful...
Moderate | Unreviewed | CVE-2023-47669 was published Nov 13, 2023
Server-Side Request Forgery (SSRF) vulnerability in StylemixThemes Motors – Car Dealer,...
Moderate | Unreviewed | CVE-2023-46207 was published Nov 13, 2023
Cross-Site Request Forgery (CSRF) vulnerability in David Stöckl Custom Header Images plugin <= 1...
Moderate | Unreviewed | CVE-2023-46636 was published Nov 13, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Prashant Walke WP All Backup plugin <= 2.4.3...
Moderate | Unreviewed | CVE-2023-32583 was published Nov 13, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Krzysztof Wielogórski Stop Referrer Spam...
Moderate | Unreviewed | CVE-2023-33207 was published Nov 13, 2023
Cross-Site Request Forgery (CSRF) vulnerability in scriptburn.Com WP Hide Post plugin <= 2.0.10...
Moderate | Unreviewed | CVE-2023-34378 was published Nov 13, 2023
Cross-Site Request Forgery (CSRF) vulnerability in DAEXT Autolinks Manager plugin <= 1.10.04...
Moderate | Unreviewed | CVE-2023-46625 was published Nov 13, 2023
Cross-Site Request Forgery (CSRF) vulnerability in WebDorado WDSocialWidgets plugin <= 1.0.15...
Moderate | Unreviewed | CVE-2023-46619 was published Nov 13, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Cimatti Consulting WordPress Contact Forms by...
Moderate | Unreviewed | CVE-2023-47230 was published Nov 13, 2023
Cross-Site Request Forgery (CSRF) vulnerability in themelocation Remove Add to Cart WooCommerce...
Moderate | Unreviewed | CVE-2023-46629 was published Nov 13, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Webcodin WCP OpenWeather plugin <= 2.5.0...
Moderate | Unreviewed | CVE-2023-46638 was published Nov 13, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Kebo Kebo Twitter Feed plugin <= 1.5.12 versions.
Moderate | Unreviewed | CVE-2023-34384 was published Nov 13, 2023
ProTip! Advisories are also available from the GraphQL API.