GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
295 advisories
Minio vulnerable to Privilege Escalation on Windows via Path separator manipulation
High. CVE-2023-28433 was published for github.com/minio/minio (Go), Sep 6, 2023

Vulnerability of input parameters being not strictly verified in the AMS module. Successful...
High, Unreviewed. CVE-2023-39383 was published Aug 13, 2023

An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients'...
High, Unreviewed. CVE-2023-38830 was published Aug 10, 2023

Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated...
High, Unreviewed. CVE-2023-39214 was published Aug 9, 2023

ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to obtain sensitive information...
High, Unreviewed. CVE-2023-38955 was published Aug 3, 2023

In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe...
High, Unreviewed. CVE-2023-3670 was published Jul 28, 2023

An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is an...
High, Unreviewed. CVE-2022-46901 was published Jul 25, 2023

An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via...
High, Unreviewed. CVE-2023-37599 was published Jul 14, 2023

Insecure temporary file in the installer for Zoom Rooms before version 5.15.0 may allow an...
High, Unreviewed. CVE-2023-34119 was published Jul 11, 2023

An issue found in Marukyu Line v.13.4.1 allows a remote attacker to gain access to sensitive...
High, Unreviewed. CVE-2023-31818 was published Jul 11, 2023

Exposure of Sensitive Information to an Unauthorized Actor in the SICK ICR890-4 could allow an...
High, Unreviewed. CVE-2023-3270 was published Jul 10, 2023

Unauthenticated endpoints in the SICK ICR890-4 could allow an unauthenticated remote attacker to...
High, Unreviewed. CVE-2023-35696 was published Jul 10, 2023

Apache InLong Exposure of Resource to Wrong Sphere vulnerability
High. CVE-2023-31103 was published for org.apache.inlong:manager-dao (Maven), Jul 6, 2023

Apache InLong Exposure of Resource to Wrong Sphere vulnerability
High. CVE-2023-31206 was published for org.apache.inlong:manager-dao (Maven), Jul 6, 2023

A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause remote...
High, Unreviewed. CVE-2023-27976 was published Jul 6, 2023

Exposure of resource to wrong sphere issue exists in WL-WN531AX2 firmware versions prior to...
High, Unreviewed. CVE-2023-32613 was published Jun 30, 2023

XWiki Platform may show email addresses in clear in REST results
High. CVE-2023-35151 was published for org.xwiki.platform:xwiki-platform-rest-server (Maven), Jun 20, 2023

XWiki Platform may retrieve email addresses of all users
High. CVE-2023-34467 was published for org.xwiki.platform:xwiki-platform-livetable-ui (Maven), Jun 20, 2023

On Unix platforms, the Go runtime does not behave differently when a binary is run with the...
High, Unreviewed. CVE-2023-29403 was published Jun 8, 2023

Jeecg P3 Biz Chat allows remote attackers to read arbitrary files
High. CVE-2023-33510 was published for org.jeecgframework.p3:jeecg-p3-biz-chat (Maven), Jun 7, 2023

Landscape's server-status page exposed sensitive system information. This data leak included GET...
High, Unreviewed. CVE-2023-32550 was published Jun 6, 2023

An issue was discovered in Faronics Insight 10.0.19045 on Windows. The Insight Teacher Console...
High, Unreviewed. CVE-2023-28344 was published May 31, 2023

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Finex Media...
High, Unreviewed. CVE-2023-2703 was published May 23, 2023

n8n Information Disclosure vulnerability
High. CVE-2023-27564 was published for n8n (npm), May 10, 2023

Exposure of data element to wrong session in the Intel DCM software before version 5.0.1 may...
High, Unreviewed. CVE-2022-40210 was published May 10, 2023