GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
26,868 advisories
XWiki Platform users may execute anything with superadmin right through comments and async macro
Critical | CVE-2023-26471 was published for org.xwiki.platform:xwiki-platform-rendering-async-macro (Maven) | Mar 3, 2023

XWiki Platform may allow privilege escalation to programming rights via user's first name
Critical | CVE-2023-26055 was published for org.xwiki.commons:xwiki-commons-xml (Maven) | Mar 3, 2023

XWiki Platform vulnerable to privilege escalation via async macro and IconThemeSheet from the user profile
Critical | CVE-2023-26472 was published for org.xwiki.platform:xwiki-platform-icon-ui (Maven) | Mar 3, 2023

XWiki Platform vulnerable to privilege escalation via properties with wiki syntax that are executed with wrong author
Critical | CVE-2023-26474 was published for org.xwiki.platform:xwiki-platform-legacy-oldcore (Maven) | Mar 3, 2023

Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2023-24643 was published | Mar 3, 2023

Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2023-24642 was published | Mar 3, 2023

Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2023-24641 was published | Mar 3, 2023

Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could...
Critical | Unreviewed | CVE-2023-20078 was published | Mar 3, 2023

An issue discovered in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows...
Critical | Unreviewed | CVE-2022-45551 was published | Mar 3, 2023

An issue discovered in Shenzhen Zhibotong Electronics WBT WE1626 Router v 21.06.18 allows...
Critical | Unreviewed | CVE-2022-45553 was published | Mar 3, 2023

A vulnerability has been found in ???CMS and classified as critical. Affected by this...
Critical | Unreviewed | CVE-2021-4328 was published | Mar 2, 2023

Accruent LLC Maintenance Connection 2021 (all) & 2022.2 was discovered to contain a SQL injection...
Critical | Unreviewed | CVE-2022-46501 was published | Mar 2, 2023

A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK...
Critical | Unreviewed | CVE-2023-25362 was published | Mar 2, 2023

A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in...
Critical | Unreviewed | CVE-2023-25363 was published | Mar 2, 2023

CleverStupidDog yf-exam v 1.8.0 is vulnerable to SQL Injection.
Critical | Unreviewed | CVE-2023-26780 was published | Mar 2, 2023

A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8...
Critical | Unreviewed | CVE-2023-25361 was published | Mar 2, 2023

A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8...
Critical | Unreviewed | CVE-2023-25358 was published | Mar 2, 2023

A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8...
Critical | Unreviewed | CVE-2023-25360 was published | Mar 2, 2023

xwiki-platform vulnerable to Remote Code Execution in Annotations
Critical | CVE-2023-26475 was published for org.xwiki.platform:xwiki-platform-annotation-ui (Maven) | Mar 2, 2023

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2021-3854 was published | Mar 2, 2023

A vulnerability was found in SourceCodester Electronic Medical Records System 1.0. It has been...
Critical | Unreviewed | CVE-2023-1151 was published | Mar 2, 2023

Baicells EG7035-M11 devices with firmware through BCE-ODU-1.0.8 are vulnerable to improper code...
Critical | Unreviewed | CVE-2023-1097 was published | Mar 1, 2023

A vulnerability, which was classified as critical, was found in SourceCodester Computer Parts...
Critical | Unreviewed | CVE-2023-1130 was published | Mar 1, 2023

Improper Input Validation vulnerability in Eskom Bilgisayar e-Belediye allows Information...
Critical | Unreviewed | CVE-2023-1114 was published | Mar 1, 2023

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2023-1064 was published | Mar 1, 2023

ProTip! Advisories are also available from the GraphQL API.