GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,360
Erlang: 33
GitHub Actions: 22
Go: 2,127
Maven: 5,000+
npm: 3,793
NuGet: 683
pip: 3,471
Pub: 12
RubyGems: 894
Rust: 894
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+

24,580 advisories

An issue found in Zend Framework v.3.1.3 and before allow a remote attacker to execute arbitrary...
Critical, Unreviewed: CVE-2020-29312 was published Apr 4, 2023

Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate...
Critical, Unreviewed: CVE-2023-27100 was published Mar 23, 2023

A vulnerability, which was classified as critical, was found in SourceCodester Online Computer...
Critical, Unreviewed: CVE-2023-1826 was published Apr 4, 2023

Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spawns a web...
Critical, Unreviewed: CVE-2023-22855 was published Feb 15, 2023

OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in...
Critical, Unreviewed: CVE-2023-28343 was published Mar 14, 2023

Payara Server allows remote attackers to load malicious code on the server once a JNDI directory scan is performed
Critical: CVE-2023-28462 was published for fish.payara.server:payara-aggregator (Maven) Mar 30, 2023

A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director,...
Critical, Unreviewed: CVE-2019-1935 was published May 24, 2022

Databasir v1.0.7 was discovered to contain a remote code execution (RCE) vulnerability via the...
Critical, Unreviewed: CVE-2023-27821 was published Mar 28, 2023

SQL injection vulnerability found in PrestaShop xipblog v.2.0.1 and before allow a remote...
Critical, Unreviewed: CVE-2023-27847 was published Mar 27, 2023

OpenAPI Generator vulnerable to Server-Side Request Forgery
Critical: CVE-2023-27162 was published for org.openapitools:openapi-generator-project (Maven) Mar 31, 2023

Ming-Soft MCMS vulnerable to SQL injection
Critical: CVE-2020-20913 was published for net.mingsoft:ms-mcms (Maven) Apr 4, 2023

jeecg-boot vulnerable to improper authentication
Critical: CVE-2023-1784 was published for org.jeecgframework.boot:jeecg-boot-parent (Maven) Mar 31, 2023

A vulnerability classified as critical was found in OTCMS 6.0.1. Affected by this vulnerability...
Critical, Unreviewed: CVE-2023-1797 was published Apr 2, 2023

ComponentSpace.Saml2 4.4.0 Missing SSL Certificate Validation.
Critical, Unreviewed: CVE-2022-45597 was published Mar 25, 2023

A vulnerability was found in grinnellplans-php up to 3.0. It has been declared as critical....
Critical, Unreviewed: CVE-2015-10097 was published Mar 25, 2023

An issue was discovered in ksmbd in the Linux kernel before 5.19.2. fs/ksmbd/smb2pdu.c has a use...
Critical, Unreviewed: CVE-2022-47939 was published Dec 23, 2022

A vulnerability was found in OTCMS 6.72. It has been classified as critical. Affected is the...
Critical, Unreviewed: CVE-2023-1634 was published Mar 25, 2023

Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability that...
Critical, Unreviewed: CVE-2023-1140 was published Mar 27, 2023

DEK-1705 <=Firmware:34.23.1 device was discovered to have a command execution vulnerability.
Critical, Unreviewed: CVE-2023-23149 was published Mar 25, 2023

Zoho ManageEngine ADSelfService Plus through 6203 is vulnerable to a brute-force attack that...
Critical, Unreviewed: CVE-2022-36413 was published Mar 23, 2023

In ProfSixDecomTcpSACKoption of RohcPacketCommon, there is a possible out of bounds write due to...
Critical, Unreviewed: CVE-2023-21057 was published Mar 24, 2023

An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML...
Critical, Unreviewed: CVE-2023-28151 was published Mar 24, 2023

In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use URL...
Critical, Unreviewed: CVE-2023-1142 was published Mar 27, 2023

** DISPUTED ** A vulnerability, which was classified as critical, was found in Ubiquiti...
Critical, Unreviewed: CVE-2023-1457 was published Mar 25, 2023

ProTip! Advisories are also available from the GraphQL API.