GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,670
Maven: 5,000+
npm: 4,296
NuGet: 760
pip: 4,075
Pub: 12
RubyGems: 957
Rust: 1,058
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
27,522 advisories
The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation...
Critical | Unreviewed | CVE-2023-2917 was published Aug 17, 2023

The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation...
Critical | Unreviewed | CVE-2023-2915 was published Aug 17, 2023

Improper Control of Generation of Code ('Code Injection') vulnerability in Genians Genian NAC V4...
Critical | Unreviewed | CVE-2023-40252 was published Aug 17, 2023

An issue in Konga v0.14.9 allows attackers to bypass authentication via a crafted JWT token.
Critical | Unreviewed | CVE-2023-39846 was published Aug 17, 2023

NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential...
Critical | Unreviewed | CVE-2023-4204 was published Aug 16, 2023

install/aiz-uploader/upload in Campcodes Online Matrimonial Website System Script 3.3 allows XSS...
Critical | Unreviewed | CVE-2023-39115 was published Aug 16, 2023

In the module “Customization fields fee for your store” (aicustomfee) from ai-dev module for...
Critical | Unreviewed | CVE-2023-33663 was published Aug 16, 2023

Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An...
Critical | Unreviewed | CVE-2023-32493 was published Aug 16, 2023

Directory Traversal vulnerability in Server functionality in Even Balance Punkbuster version 1.902...
Critical | Unreviewed | CVE-2020-26037 was published Aug 16, 2023

Schoolmate v1.3 was discovered to contain multiple SQL injection vulnerabilities via the ...
Critical | Unreviewed | CVE-2023-39850 was published Aug 16, 2023

COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_415588....
Critical | Unreviewed | CVE-2023-38866 was published Aug 15, 2023

An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the...
Critical | Unreviewed | CVE-2023-38864 was published Aug 15, 2023

COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_4143F0....
Critical | Unreviewed | CVE-2023-38865 was published Aug 15, 2023

An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the...
Critical | Unreviewed | CVE-2023-38862 was published Aug 15, 2023

An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote attacker to execute...
Critical | Unreviewed | CVE-2023-38861 was published Aug 15, 2023

An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the ifname...
Critical | Unreviewed | CVE-2023-38863 was published Aug 15, 2023

File Upload vulnerability in Wolf-leo EasyAdmin8 v.1.0 allows a remote attacker to execute...
Critical | Unreviewed | CVE-2023-38915 was published Aug 15, 2023

In multiple locations, there is a possible code execution due to type confusion. This could lead...
Critical | Unreviewed | CVE-2023-21287 was published Aug 15, 2023

In isServerCertChainValid of InsecureEapNetworkHandler.java, there is a possible way to trust an...
Critical | Unreviewed | CVE-2023-21242 was published Aug 14, 2023

In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the...
Critical | Unreviewed | CVE-2023-20965 was published Aug 14, 2023

The User Activity Log WordPress plugin before 1.6.5 does not correctly sanitise and escape...
Critical | Unreviewed | CVE-2023-3435 was published Aug 14, 2023

The Texas Instruments (TI) WiLink WL18xx MCP driver does not limit the number of information...
Critical | Unreviewed | CVE-2023-29468 was published Aug 14, 2023

A SQL Injection vulnerability has been identified in the MiVoice Office 400 SMB Controller...
Critical | Unreviewed | CVE-2023-39292 was published Aug 14, 2023

The Linux DVS server component of Mitel MiVoice Connect through 19.3 SP2 (22.24.1500.0) could...
Critical | Unreviewed | CVE-2023-32748 was published Aug 14, 2023

xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected...
Critical | Unreviewed | CVE-2023-40359 was published Aug 14, 2023

ProTip! Advisories are also available from the GraphQL API