GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,370
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,749
Maven 4,978
npm 3,509
NuGet 609
pip 3,084
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,313

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

86,720 advisories

Filter by severity

Sort by

Least recently updated

The WP Fastest Cache WordPress plugin before 1.1.5 does not have CSRF check in an AJAX action,... High Unreviewed

CVE-2023-1938 was published May 30, 2023

The Newsletter Popup WordPress plugin through 1.2 does not have CSRF checks in some places, which... High Unreviewed

CVE-2023-0766 was published May 30, 2023

The Elementor Website Builder WordPress plugin before 3.12.2 does not properly sanitize and... High Unreviewed

CVE-2023-0329 was published May 30, 2023

Minecraft through 1.19 and 1.20 pre-releases before 7 (Java) allow arbitrary file overwrite, and... High Unreviewed

CVE-2023-33245 was published May 30, 2023

Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when... High Unreviewed

CVE-2023-26130 was published May 30, 2023

The post-authentication command injection vulnerability in the Zyxel NAS326 firmware versions... High Unreviewed

CVE-2023-27988 was published May 30, 2023

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is... High Unreviewed

CVE-2022-24628 was published May 29, 2023

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. BrowseFiles... High Unreviewed

CVE-2022-24630 was published May 29, 2023

A directory traversal vulnerability on Mercury MAC1200R devices allows attackers to read... High Unreviewed

CVE-2021-27825 was published May 29, 2023

Yank Note (YN) 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via... High Unreviewed

CVE-2023-31874 was published May 29, 2023

In ebankIT 6, the public endpoints /public/token/Email/generate and /public/token/SMS/generate... High Unreviewed

CVE-2023-33291 was published May 29, 2023

Warpinator before 1.6.0 allows remote file deletion via directory traversal in top_dir_basenames. High Unreviewed

CVE-2023-29380 was published May 29, 2023

Gin 0.7.4 allows execution of arbitrary code when a crafted file is opened, e.g., via require(... High Unreviewed

CVE-2023-31873 was published May 29, 2023

FS S3900-24T4S devices allow authenticated attackers with guest access to escalate their... High Unreviewed

CVE-2023-30350 was published May 29, 2023

pluto in Libreswan before 4.11 allows a denial of service (responder SPI mishandling and daemon... High Unreviewed

CVE-2023-30570 was published May 29, 2023

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6... High Unreviewed

CVE-2023-32763 was published May 29, 2023

Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.1. High Unreviewed

CVE-2023-2949 was published May 28, 2023

Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.1. High Unreviewed

CVE-2023-2948 was published May 28, 2023

Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.1. High Unreviewed

CVE-2023-2942 was published May 28, 2023

Improper scheme validation from InstantPlay Deeplink in Galaxy Store prior to version 4.5.49.8... High Unreviewed

CVE-2023-21514 was published May 27, 2023

InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior... High Unreviewed

CVE-2023-21515 was published May 27, 2023

An issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated... High Unreviewed

CVE-2023-2825 was published May 26, 2023

GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via... High Unreviewed

CVE-2023-2879 was published May 26, 2023

A use after free vulnerability exists in curl <v8.1.0 in the way libcurl offers a feature to... High Unreviewed

CVE-2023-28319 was published May 26, 2023

Talend Data Catalog remote harvesting server before 8.0-20230413 contains a /upgrade endpoint... High Unreviewed

CVE-2023-33247 was published May 26, 2023

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

86,720 advisories