Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,710 advisories

Loading
Missing access control in Silverpeas High
CVE-2023-47323 was published for org.silverpeas.core:silverpeas-core-api (Maven) Dec 13, 2023
Cross Site Request Forgery in Silverpeas High
CVE-2023-47326 was published for org.silverpeas.core:silverpeas-core (Maven) Dec 13, 2023
Directory Traversal in JFinalCMS High
CVE-2023-50449 was published for com.jfinal:jfinal (Maven) Dec 10, 2023
Authorization bypass in Quarkus High
CVE-2023-6394 was published for io.quarkus:quarkus-smallrye-graphql-client (Maven) Dec 9, 2023
cescoffier
Data leak of password hash through change requests High
CVE-2023-49280 was published for org.xwiki.contrib.changerequest:application-changerequest-default (Maven) Dec 5, 2023
michitux
Cross-Site Request Forgery in JFinalCMS via /admin/tag/save High
CVE-2023-49383 was published for com.jfinal:jfinal (Maven) Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/category/delete High
CVE-2023-49398 was published for com.jfinal:jfinal (Maven) Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via admin/nav/delete High
CVE-2023-49448 was published for com.jfinal:jfinal (Maven) Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/div/update High
CVE-2023-49381 was published for com.jfinal:jfinal (Maven) Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/category/updateStatus High
CVE-2023-49397 was published for com.jfinal:jfinal (Maven) Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/div/delete High
CVE-2023-49382 was published for com.jfinal:jfinal (Maven) Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/category/update High
CVE-2023-49395 was published for com.jfinal:jfinal (Maven) Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/nav/save High
CVE-2023-49446 was published for com.jfinal:jfinal (Maven) Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/category/save High
CVE-2023-49396 was published for com.jfinal:jfinal (Maven) Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/nav/update High
CVE-2023-49447 was published for com.jfinal:jfinal (Maven) Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/slide/update High
CVE-2023-49374 was published for com.jfinal:jfinal (Maven) Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/tag/update High
CVE-2023-49377 was published for com.jfinal:jfinal (Maven) Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS High
CVE-2023-49372 was published for com.jfinal:jfinal (Maven) Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/friend_link/delete High
CVE-2023-49380 was published for com.jfinal:jfinal (Maven) Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS High
CVE-2023-49376 was published for com.jfinal:jfinal (Maven) Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/form/save High
CVE-2023-49378 was published for com.jfinal:jfinal (Maven) Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via the component /admin/friend_link/save High
CVE-2023-49379 was published for com.jfinal:jfinal (Maven) Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/friend_link/update High
CVE-2023-49375 was published for com.jfinal:jfinal (Maven) Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS High
CVE-2023-49373 was published for com.jfinal:jfinal (Maven) Dec 5, 2023
Apache Struts Improper Control of Dynamically-Managed Code Resources vulnerability High
CVE-2023-41835 was published for org.apache.struts:struts2-core (Maven) Dec 5, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database