GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,670
Maven: 5,000+
npm: 4,296
NuGet: 760
pip: 4,075
Pub: 12
RubyGems: 957
Rust: 1,058
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
27,522 advisories
Timmystudios Fast Typing Keyboard v1.275.1.162 allows unauthorized apps to overwrite arbitrary...
Critical, Unreviewed: CVE-2022-47027 was published Apr 14, 2023

Directory Traversal vulnerability found in T-ME Studios Change Color of Keypad v.1.275.1.277...
Critical, Unreviewed: CVE-2023-27648 was published Apr 14, 2023

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical, Unreviewed: CVE-2023-1863 was published Apr 14, 2023

Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical, Unreviewed: CVE-2023-29622 was published Apr 14, 2023

froxlor/froxlor vulnerable to unrestricted upload of file with dangerous type
Critical: CVE-2023-2034 was published for froxlor/froxlor (Composer) Apr 14, 2023

Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a...
Critical, Unreviewed: CVE-2023-26918 was published Apr 14, 2023

Auto Dealer Management System v1.0 was discovered to contain a SQL injection vulnerability.
Critical, Unreviewed: CVE-2023-27667 was published Apr 13, 2023

BlackVue DR750-2CH LTE v.1.012_2022.10.26 was discovered to contain a weak default passphrase...
Critical, Unreviewed: CVE-2023-27746 was published Apr 13, 2023

BlackVue DR750-2CH LTE v.1.012_2022.10.26 does not employ authenticity check for uploaded...
Critical, Unreviewed: CVE-2023-27748 was published Apr 13, 2023

AM Presencia v3.7.3 was discovered to contain a SQL injection vulnerability via the user...
Critical, Unreviewed: CVE-2023-27779 was published Apr 13, 2023

bloofox v0.5.2 was discovered to contain an arbitrary file deletion vulnerability via the...
Critical, Unreviewed: CVE-2023-27812 was published Apr 13, 2023

lmxcms v1.4.1 was discovered to contain a SQL injection vulnerability via the setbook parameter...
Critical, Unreviewed: CVE-2023-29598 was published Apr 13, 2023

Memory correction in modem due to buffer overwrite during coap connection
Critical, Unreviewed: CVE-2022-25678 was published Apr 13, 2023

Memory corruption in modem due to improper input validation while handling the incoming CoAP message
Critical, Unreviewed: CVE-2022-25745 was published Apr 13, 2023

Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based...
Critical, Unreviewed: CVE-2022-25740 was published Apr 13, 2023

memory corruption in modem due to improper check while calculating size of serialized CoAP message
Critical, Unreviewed: CVE-2022-33211 was published Apr 13, 2023

Memory corruption due to buffer copy without checking the size of input in modem while decoding...
Critical, Unreviewed: CVE-2022-33259 was published Apr 13, 2023

An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an...
Critical, Unreviewed: CVE-2023-28121 was published Apr 12, 2023

org.xwiki.platform:xwiki-platform-skin-skinx vulnerable to basic Cross-site Scripting by exploiting JSX or SSX plugins
Critical: CVE-2023-29206 was published for org.xwiki.platform:xwiki-platform-skin-skinx (Maven) Apr 12, 2023

org.xwiki.platform:xwiki-platform-rendering-xwiki vulnerable to stored cross-site scripting via HTML and raw macro
Critical: CVE-2023-29205 was published for org.xwiki.platform:xwiki-platform-rendering-xwiki (Maven) Apr 12, 2023

org.xwiki.platform:xwiki-platform-rendering-macro-rss Cross-site Scripting vulnerability
Critical: CVE-2023-29202 was published for org.xwiki.platform:xwiki-core-rendering-macro-rss (Maven) Apr 12, 2023

org.xwiki.commons:xwiki-commons-xml Cross-site Scripting vulnerability
Critical: CVE-2023-29201 was published for org.xwiki.commons:xwiki-commons-xml (Maven) Apr 12, 2023

xwiki-platform-administration-ui vulnerable to privilege escalation
Critical: CVE-2023-29511 was published for org.xwiki.platform:xwiki-platform-administration-ui (Maven) Apr 12, 2023

org.xwiki.platform:xwiki-platform-flamingo-theme-ui vulnerable to privilege escalation
Critical: CVE-2023-30537 was published for org.xwiki.platform:xwiki-platform-flamingo-theme-ui (Maven) Apr 12, 2023

ProTip! Advisories are also available from the GraphQL API