GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,084
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
100,254 advisories
The QSige Monitor application does not have an access control mechanism to verify whether the...
Moderate | Unreviewed | CVE-2023-4099 was published Oct 3, 2023

The QSige login SSO does not have an access control mechanism to verify whether the user...
Moderate | Unreviewed | CVE-2023-4101 was published Oct 3, 2023

SQL Injection in GitHub repository salesagility/suitecrm prior to 7.14.1.
Moderate | Unreviewed | CVE-2023-5350 was published Oct 3, 2023

Cross-site Scripting (XSS) vulnerability in Syslog Section of Pandora FMS allows attacker to...
Moderate | Unreviewed | CVE-2023-0828 was published Oct 3, 2023

Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming...
Moderate | Unreviewed | CVE-2023-28571 was published Oct 3, 2023

Path traversal vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310...
Moderate | Unreviewed | CVE-2023-43627 was published Oct 3, 2023

Cross-site scripting vulnerability in FURUNO SYSTEMS wireless LAN access point devices allows an...
Moderate | Unreviewed | CVE-2023-39429 was published Oct 3, 2023

The WP Responsive header image slider plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2023-5334 was published Oct 3, 2023

Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center...
Moderate | Unreviewed | CVE-2023-3335 was published Oct 3, 2023

Cross Site Scripting vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute...
Moderate | Unreviewed | CVE-2023-44012 was published Oct 3, 2023

A flaw exists in FlashBlade Purity whereby an authenticated user with access to FlashBlade’s...
Moderate | Unreviewed | CVE-2023-31042 was published Oct 3, 2023

A flaw exists in FlashArray Purity wherein under limited circumstances, an array administrator...
Moderate | Unreviewed | CVE-2023-32572 was published Oct 3, 2023

In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that...
Moderate | Unreviewed | CVE-2023-0809 was published Oct 2, 2023

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969.
Moderate | Unreviewed | CVE-2023-5344 was published Oct 2, 2023

A cross-site scripting (XSS) vulnerability in the publish article function of emlog pro v2.1.14...
Moderate | Unreviewed | CVE-2023-43267 was published Oct 2, 2023

An issue in animal-art-lab v13.6.1 allows attackers to send crafted notifications via leakage of...
Moderate | Unreviewed | CVE-2023-43297 was published Oct 2, 2023

There is a SQL injection vulnerability in the Jizhicms 2.4.9 backend, which users can use to...
Moderate | Unreviewed | CVE-2023-43836 was published Oct 2, 2023

Buffer Overflow vulnerability in baramundi software GmbH EMM Agent 23.1.50 and before allows an...
Moderate | Unreviewed | CVE-2023-37605 was published Oct 2, 2023

Incorrect validation vulnerability of the data entered, allowing an attacker with access to the...
Moderate | Unreviewed | CVE-2023-3770 was published Oct 2, 2023

A vulnerability was found in Most Popular Posts Widget Plugin up to 0.8 on WordPress. It has been...
Moderate | Unreviewed | CVE-2015-10124 was published Oct 2, 2023

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jewel Theme WP Adminify plugin ...
Moderate | Unreviewed | CVE-2023-44266 was published Oct 2, 2023

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Popup contact...
Moderate | Unreviewed | CVE-2023-44265 was published Oct 2, 2023

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Arrow Plugins The Awesome...
Moderate | Unreviewed | CVE-2023-44264 was published Oct 2, 2023

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Onclick show...
Moderate | Unreviewed | CVE-2023-44228 was published Oct 2, 2023

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Popup contact...
Moderate | Unreviewed | CVE-2023-44230 was published Oct 2, 2023

ProTip! Advisories are also available from the GraphQL API.