GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 4,870; Erlang 36; GitHub Actions 36; Go 2,493; Maven 5,000+; npm 4,126; NuGet 735; pip 3,943; Pub 12; RubyGems 945; Rust 1,021; Swift 39
Unreviewed advisories: All unreviewed 5,000+
137,190 advisories

Apache Superset vulnerable to Injection
Moderate. CVE-2022-43720 was published for apache-superset (pip) Jan 16, 2023

Apache Superset Open Redirect vulnerability
Moderate. CVE-2022-43721 was published for apache-superset (pip) Jan 16, 2023

Apache Superset has Improper Access Control
Moderate. CVE-2022-45438 was published for apache-superset (pip) Jan 16, 2023

Zitadel RefreshToken invalidation vulnerability
Moderate. CVE-2023-22492 was published for github.com/zitadel/zitadel (Go) Jan 11, 2023

pimcore is vulnerable to cross-site scripting via "title field" in data objects
Moderate. CVE-2023-0323 was published for pimcore/pimcore (Composer) Jan 20, 2023

A vulnerability was found in saemorris TheRadSystem. It has been classified as problematic....
Moderate, Unreviewed. CVE-2023-0327 was published Jan 16, 2023

The WP Attachments WordPress plugin through 5.0.5 does not sanitise and escape some of its...
Moderate, Unreviewed. CVE-2022-4330 was published Jan 16, 2023

A cross-site scripting (XSS) vulnerability in the LISTSERV 17 web interface allows remote...
Moderate, Unreviewed. CVE-2022-39195 was published Jan 17, 2023

The Custom Post Types and Custom Fields creator WordPress plugin before 2.3.3 does not sanitize...
Moderate, Unreviewed. CVE-2022-4442 was published Jan 16, 2023

Themify Portfolio Post WordPress plugin before 1.2.1 does not validate and escapes some of its...
Moderate, Unreviewed. CVE-2022-4464 was published Jan 16, 2023

A XSS vulnerability was found in phoromatic_r_add_test_details.php in phoronix-test-suite.
Moderate, Unreviewed. CVE-2022-40704 was published Jan 17, 2023

The Sidebar Widgets by CodeLights WordPress plugin through 1.4 does not validate and escape some...
Moderate, Unreviewed. CVE-2022-4460 was published Jan 16, 2023

The Easy Accordion WordPress plugin before 2.2.0 does not validate and escape some of its...
Moderate, Unreviewed. CVE-2022-4487 was published Jan 16, 2023

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows...
Moderate, Unreviewed. CVE-2019-14723 was published May 24, 2022

CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.793 (Free/Open Source Version), 0.9.8.753 ...
Moderate, Unreviewed. CVE-2019-11429 was published May 24, 2022

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows...
Moderate, Unreviewed. CVE-2019-14729 was published May 24, 2022

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows...
Moderate, Unreviewed. CVE-2019-14722 was published May 24, 2022

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows...
Moderate, Unreviewed. CVE-2019-14730 was published May 24, 2022

The 3D FlipBook WordPress plugin through 1.13.2 does not validate or escape some of its shortcode...
Moderate, Unreviewed. CVE-2022-4453 was published Jan 16, 2023

The WOOCS WordPress plugin before 1.3.9.4 does not validate and escape some of its shortcode...
Moderate, Unreviewed. CVE-2022-4431 was published Jan 16, 2023

The Social Sharing WordPress plugin before 3.3.45 does not validate and escape some of its...
Moderate, Unreviewed. CVE-2022-4451 was published Jan 16, 2023

XSS was discovered in CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.747 via the...
Moderate, Unreviewed. CVE-2019-12190 was published May 24, 2022

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows...
Moderate, Unreviewed. CVE-2019-14721 was published May 24, 2022

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows...
Moderate, Unreviewed. CVE-2019-14728 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API