Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,670
Maven
5,000+
npm
4,296
NuGet
760
pip
4,075
Pub
12
RubyGems
957
Rust
1,058
Swift
45
Unreviewed advisories
All unreviewed
5,000+

27,522 advisories

Loading
A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance... Critical Unreviewed
CVE-2023-1671 was published Apr 4, 2023
Unrestricted Upload of File with Dangerous Type vulnerability in Fernus Informatics LMS allows OS... Critical Unreviewed
CVE-2023-1728 was published Apr 4, 2023
A vulnerability, which was classified as critical, was found in SourceCodester Online Computer... Critical Unreviewed
CVE-2023-1826 was published Apr 4, 2023
Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including... Critical Unreviewed
CVE-2022-43939 was published Apr 3, 2023
BluePage CMS thru v3.9 processes an insufficiently sanitized HTTP Header allowing MySQL Injection... Critical Unreviewed
CVE-2022-38923 was published Apr 3, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-1765 was published Apr 3, 2023
BluePage CMS thru 3.9 processes an insufficiently sanitized HTTP Header Cookie value allowing... Critical Unreviewed
CVE-2022-38922 was published Apr 3, 2023
IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused... Critical Unreviewed
CVE-2023-27286 was published Apr 2, 2023
IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused... Critical Unreviewed
CVE-2023-27284 was published Apr 2, 2023
sjqzhang go-fastdfs vulnerable to path traversal Critical
CVE-2023-1800 was published for github.com/sjqzhang/go-fastdfs (Go) Apr 2, 2023
A vulnerability classified as critical was found in OTCMS 6.0.1. Affected by this vulnerability... Critical Unreviewed
CVE-2023-1797 was published Apr 2, 2023
A vulnerability has been found in SourceCodester Simple Task Allocation System 1.0 and classified... Critical Unreviewed
CVE-2023-1791 was published Apr 2, 2023
A vulnerability was found in SourceCodester Simple Mobile Comparison Website 1.0 and classified... Critical Unreviewed
CVE-2023-1792 was published Apr 2, 2023
A vulnerability was found in SourceCodester Police Crime Record Management System 1.0. It has... Critical Unreviewed
CVE-2023-1793 was published Apr 2, 2023
D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via... Critical Unreviewed
CVE-2023-26822 was published Apr 2, 2023
Generex UPS CS141 below 2.06 version, allows an attacker toupload a firmware file containing an... Critical Unreviewed
CVE-2022-47189 was published Apr 1, 2023
Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a firmware file... Critical Unreviewed
CVE-2022-47190 was published Apr 1, 2023
An authentication bypass vulnerability in the web client interface for the CL4NX printer before... Critical Unreviewed
CVE-2023-23594 was published Mar 31, 2023
X-Forwarded-For header allows brute-forcing autoblocked IP addresses Critical
CVE-2023-29141 was published for mediawiki/core (Composer) Mar 31, 2023
Rudloff
Credited to Rudloff
A vulnerability was found in SourceCodester Earnings and Expense Tracker App 1.0. It has been... Critical Unreviewed
CVE-2023-1785 was published Mar 31, 2023
SQL injection vulnerability found in PrestaSHp faqs v.3.1.6 allows a remote attacker to escalate... Critical Unreviewed
CVE-2023-26858 was published Mar 31, 2023
OpenAPI Generator vulnerable to Server-Side Request Forgery Critical
CVE-2023-27162 was published for org.openapitools:openapi-generator-project (Maven) Mar 31, 2023
jeecg-boot vulnerable to improper authentication Critical
CVE-2023-1784 was published for org.jeecgframework.boot:jeecg-boot-parent (Maven) Mar 31, 2023
The web configuration service of the affected device contains an authenticated command injection... Critical Unreviewed
CVE-2023-0432 was published Mar 31, 2023
An authentication bypass vulnerability in the Password Reset component of Gladinet CentreStack... Critical Unreviewed
CVE-2023-26829 was published Mar 31, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database