GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,360
Erlang: 33
GitHub Actions: 22
Go: 2,127
Maven: 5,000+
npm: 3,793
NuGet: 683
pip: 3,471
Pub: 12
RubyGems: 894
Rust: 894
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+

24,580 advisories

An issue was discovered in Independentsoft JODF before 1.1.110. The API is prone to XML external...
Critical | Unreviewed | CVE-2023-28150 was published Mar 25, 2023

A vulnerability was found in SourceCodester Police Crime Record Management System 1.0. It has...
Critical | Unreviewed | CVE-2023-1793 was published Apr 2, 2023

SQL Injection vulnerability found in San Luan PublicCMS v.4.0 allows a remote attacker to execute...
Critical | Unreviewed | CVE-2020-20914 was published Apr 4, 2023

SQL Injection vulnerability found in PublicCMS v.4.0 allows a remote attacker to execute...
Critical | Unreviewed | CVE-2020-20915 was published Apr 4, 2023

Answer contains Improper Access Control vulnerability
Critical | CVE-2023-0744 was published for github.com/answerdev/answer (Go) Feb 8, 2023

PHAR deserialization allowing remote code execution
Critical | CVE-2023-28115 was published for knplabs/knp-snappy (Composer) Mar 17, 2023

Use of hard-coded, security-relevant constants in deepset-ai/haystack
Critical | CVE-2023-1712 was published for farm-haystack (pip) Mar 30, 2023

Gluu Oxauth before v4.4.1 vulnerable to Server-Side Request Forgery attacks via a crafted request_uri parameter
Critical | CVE-2022-36663 was published for org.gluu:oxauth-common (Maven) Sep 7, 2022

SQL Injection vulnerability in Intern Record System version 1.0 in /intern/controller.php in ...
Critical | Unreviewed | CVE-2022-40347 was published Feb 17, 2023

SQL Injection vulnerability in Simple Task Managing System version 1.0 in login.php in 'username'...
Critical | Unreviewed | CVE-2022-40032 was published Feb 17, 2023

Rapid7 Nexpose versions 6.6.186 and below suffer from a forced browsing vulnerability. This...
Critical | Unreviewed | CVE-2023-1699 was published Mar 30, 2023

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5...
Critical | Unreviewed | CVE-2023-28507 was published Mar 29, 2023

This vulnerability allows remote attackers to delete arbitrary files on affected installations of...
Critical | Unreviewed | CVE-2022-2560 was published Mar 29, 2023

This vulnerability allows remote attackers to bypass authentication on affected installations of...
Critical | Unreviewed | CVE-2022-36979 was published Mar 29, 2023

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical | Unreviewed | CVE-2022-36978 was published Mar 29, 2023

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical | Unreviewed | CVE-2022-36981 was published Mar 29, 2023

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical | Unreviewed | CVE-2022-36977 was published Mar 29, 2023

A vulnerability, which was classified as critical, has been found in Rebuild up to 3.2.3....
Critical | Unreviewed | CVE-2023-1610 was published Mar 23, 2023

An issue was discovered in Independentsoft JWord before 1.1.110. The API is prone to XML external...
Critical | Unreviewed | CVE-2023-28152 was published Mar 24, 2023

Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
Critical | Unreviewed | CVE-2019-5481 was published May 24, 2022

TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 discovered to contain a command injection...
Critical | Unreviewed | CVE-2022-28496 was published Mar 23, 2023

In lcsm_SendRrAcquiAssist of lcsm_bcm_assist.c, there is a possible out of bounds write due to a...
Critical | Unreviewed | CVE-2023-21058 was published Mar 24, 2023

In SDP_AddAttribute of sdp_db.cc, there is a possible out of bounds write due to an incorrect...
Critical | Unreviewed | CVE-2023-20954 was published Mar 24, 2023

In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible out of bounds write due to a...
Critical | Unreviewed | CVE-2023-20951 was published Mar 24, 2023

ProTip! Advisories are also available from the GraphQL API