GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,090
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
93,478 advisories
NGINX Management Suite may allow an authenticated attacker to gain access to configuration...
High · Unreviewed · CVE-2023-28656 was published on Jul 6, 2023
league/oauth2-server key exposed in exception message when passing as a string and providing an invalid pass phrase
High · CVE-2023-37260 was published for league/oauth2-server (Composer) on Jul 6, 2023
ethyca-fides Webserver API Path Traversal vulnerability
High · CVE-2023-36827 was published for ethyca-fides (pip) on Jul 6, 2023
Sanitize vulnerable to Cross-site Scripting via insufficient neutralization of `style` element content
High · CVE-2023-36823 was published for sanitize (RubyGems) on Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Pods Framework Team Pods – Custom Content...
High · Unreviewed · CVE-2023-23790 was published on Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Tips and Tricks HQ, Ruhul Amin Category...
High · Unreviewed · CVE-2023-22691 was published on Jul 6, 2023
A post-authentication command injection vulnerability in the “account_operator.cgi” CGI program...
High · Unreviewed · CVE-2023-22913 was published on Jul 6, 2023
A path traversal vulnerability in the “account_print.cgi” CGI program of Zyxel USG FLEX series...
High · Unreviewed · CVE-2023-22914 was published on Jul 6, 2023
A buffer overflow vulnerability in the “fbwifi_forward.cgi” CGI program of Zyxel USG FLEX series...
High · Unreviewed · CVE-2023-22915 was published on Jul 6, 2023
The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable...
High · Unreviewed · CVE-2023-2297 was published on Jul 6, 2023
A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve...
High · Unreviewed · CVE-2023-2236 was published on Jul 6, 2023
A valid XCC user's local account permissions overrides their active directory permissions under...
High · Unreviewed · CVE-2023-29057 was published on Jul 6, 2023
A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to...
High · Unreviewed · CVE-2023-2235 was published on Jul 6, 2023
The sensitive information exposure vulnerability in the CGI “Export_Log” and the binary “zcmd” in...
High · Unreviewed · CVE-2023-28770 was published on Jul 6, 2023
A buffer overflow vulnerability in the “sdwan_iface_ipc” binary of Zyxel ATP series firmware...
High · Unreviewed · CVE-2023-22917 was published on Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in TriniTronic Nice PayPal Button Lite plugin <=...
High · Unreviewed · CVE-2023-22686 was published on Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Nicolas Zeh PHP Execution plugin <= 1.0.0...
High · Unreviewed · CVE-2023-23879 was published on Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Paramveer Singh for Arete IT Private Limited...
High · Unreviewed · CVE-2022-45074 was published on Jul 6, 2023
Cross-Site Request Forgery (CSRF) vulnerability in KrishaWeb Add Multiple Marker plugin <= 1.2...
High · Unreviewed · CVE-2022-45080 was published on Jul 6, 2023
Qihoo 360 (https://www.360.cn/) Qihoo 360 Safeguard (https://www.360.cn/) Qihoo 360 Total...
High · Unreviewed · CVE-2021-33971 was published on Jul 6, 2023
Qihoo 360 (https://www.360.cn/) Qihoo 360 Safeguard (https://www.360.cn/) Qihoo 360 Chrome (https...
High · Unreviewed · CVE-2021-33974 was published on Jul 6, 2023
A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause remote...
High · Unreviewed · CVE-2023-27976 was published on Jul 6, 2023
Desktop component service allows lateral movement between sessions in M-Files before 23.4.12455.0.
High · Unreviewed · CVE-2023-2112 was published on Jul 6, 2023
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists...
High · Unreviewed · CVE-2022-43377 was published on Jul 6, 2023
A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can force an Out-of...
High · Unreviewed · CVE-2023-27912 was published on Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API.