GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
12,432 advisories
Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out...
Low | Unreviewed | CVE-2021-44192 was published Sep 7, 2023
Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out...
Low | Unreviewed | CVE-2021-44191 was published Sep 7, 2023
Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out...
Low | Unreviewed | CVE-2021-44195 was published Sep 7, 2023
An issue was discovered in Exynos Mobile Processor 980 and 2100. An integer overflow at a buffer...
Low | Unreviewed | CVE-2023-40353 was published Sep 8, 2023
Domain restrictions bypass via DNS Rebinding in WireMock and WireMock Studio webhooks, proxy and recorder modes
Low | CVE-2023-41329 was published for com.github.tomakehurst:wiremock-jre8 (Maven) Sep 8, 2023
Cross-site Scripting (XSS) - Stored in GitHub repository instantsoft/icms2 prior to 2.16.1.-git.
Low | Unreviewed | CVE-2023-4879 was published Sep 10, 2023
Search queries in the default search engine could appear to have been the currently navigated URL...
Low | Unreviewed | CVE-2023-4579 was published Sep 11, 2023
A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Low | Unreviewed | CVE-2023-40442 was published Sep 12, 2023
An issue was discovered in the NPU kernel driver in Samsung Exynos Mobile Processor 9820, 980,...
Low | Unreviewed | CVE-2023-40218 was published Sep 12, 2023
The com.full.dialer.top.secure.encrypted application through 1.0.1 for Android enables any...
Low | Unreviewed | CVE-2023-42469 was published Sep 13, 2023
Jetty vulnerable to errant command quoting in CGI Servlet
Low | CVE-2023-36479 was published for org.eclipse.jetty.ee10:jetty-ee10-servlets (Maven) Sep 14, 2023
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile...
Low | Unreviewed | CVE-2023-40732 was published Sep 14, 2023
Miscompilation of wasm `i64x2.shr_s` instruction with constant input on x86_64
Low | CVE-2023-41880 was published for wasmtime (Rust) Sep 14, 2023
A vulnerability was found in phpipam 1.5.1. It has been rated as problematic. Affected by this...
Low | Unreviewed | CVE-2023-4965 was published Sep 14, 2023
Jetty's OpenId Revoked authentication allows one request
Low | CVE-2023-41900 was published for org.eclipse.jetty:jetty-openid (Maven) Sep 15, 2023
A vulnerability classified as problematic was found in Supcon InPlant SCADA up to 20230901....
Low | Unreviewed | CVE-2023-4986 was published Sep 15, 2023
A vulnerability has been found in Pluck CMS 4.7.18 and classified as problematic. This...
Low | Unreviewed | CVE-2023-5013 was published Sep 17, 2023
A vulnerability, which was classified as problematic, has been found in China Unicom TEWA-800G 4...
Low | Unreviewed | CVE-2023-5028 was published Sep 17, 2023
An issue was discovered in the Linux kernel before 5.8.6. drivers/media/cec/core/cec-api.c leaks...
Low | Unreviewed | CVE-2020-36766 was published Sep 18, 2023
Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.8.8.
Low | Unreviewed | CVE-2023-5084 was published Sep 20, 2023
Spring for GraphQL may be exposed to GraphQL context with values from a different session
Low | CVE-2023-34047 was published for org.springframework.graphql:spring-graphql (Maven) Sep 20, 2023
Jenkins temporary uploaded file created with insecure permissions
Low | CVE-2023-43498 was published for org.jenkins-ci.main:jenkins-core (Maven) Sep 20, 2023
Jenkins temporary uploaded file created with insecure permissions
Low | CVE-2023-43497 was published for org.jenkins-ci.main:jenkins-core (Maven) Sep 20, 2023
Zope vulnerable to Stored Cross Site Scripting with SVG images
Low | CVE-2023-42458 was published for Zope (pip) Sep 21, 2023
Vulnerable OpenSSL included in cryptography wheels
Low | GHSA-v8gr-m533-ghj9 was published for cryptography (pip) Sep 21, 2023
ProTip! Advisories are also available from the GraphQL API