GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,517
Maven: 5,000+
npm: 4,150
NuGet: 736
pip: 3,952
Pub: 12
RubyGems: 946
Rust: 1,026
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
26,924 advisories
An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It allows SQL...
Critical | Unreviewed | CVE-2022-34909 was published Feb 27, 2023

A vulnerability was found in SourceCodester Music Gallery Site 1.0 and classified as critical....
Critical | Unreviewed | CVE-2023-1053 was published Feb 27, 2023

A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been classified as...
Critical | Unreviewed | CVE-2023-1054 was published Feb 27, 2023

ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by...
Critical | Unreviewed | CVE-2023-26602 was published Feb 26, 2023

A vulnerability, which was classified as critical, has been found in SourceCodester Online...
Critical | Unreviewed | CVE-2023-1040 was published Feb 26, 2023

A vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. It...
Critical | Unreviewed | CVE-2023-1037 was published Feb 26, 2023

A vulnerability classified as critical has been found in SourceCodester Online Reviewer...
Critical | Unreviewed | CVE-2023-1038 was published Feb 26, 2023

A SQL injection vulnerability in BMC Control-M before 9.0.20.214 allows attackers to execute...
Critical | Unreviewed | CVE-2023-26550 was published Feb 25, 2023

An XML External Entity (XXE) vulnerability in urule v2.1.7 allows attackers to execute arbitrary...
Critical | Unreviewed | CVE-2023-24189 was published Feb 25, 2023

Sequelize - Default support for “raw attributes” when using parentheses
Critical | CVE-2023-22578 was published for @sequelize/core (npm) Feb 24, 2023

An issue found in Peacexie Imcat v5.4 allows attackers to execute arbitrary code via the...
Critical | Unreviewed | CVE-2021-35370 was published Feb 24, 2023

Cross Site Scripting Vulnerability in MiniCMS v.1.10 allows attacker to execute arbitrary code...
Critical | Unreviewed | CVE-2021-33387 was published Feb 24, 2023

File upload vulnerability in Umbraco Forms v.8.7.0 allows unauthenticated attackers to execute...
Critical | Unreviewed | CVE-2021-33224 was published Feb 24, 2023

LiteDB may deserialize bad JSON on object type using _type
Critical | CVE-2022-23535 was published for LiteDB (NuGet) Feb 24, 2023

Improper Handling of Parameters vulnerability in BG-TEK COSLAT Firewall allows Remote Code...
Critical | Unreviewed | CVE-2021-4105 was published Feb 24, 2023

Apache Airflow Sqoop Provider Improper Input Validation vulnerability
Critical | CVE-2023-25693 was published for apache-airflow-providers-apache-sqoop (pip) Feb 24, 2023

Apache Airflow Hive Provider Improper Input Validation vulnerability
Critical | CVE-2023-25696 was published for apache-airflow-providers-apache-hive (pip) Feb 24, 2023

Apache Airflow Google Provider Improper Input Validation vulnerability
Critical | CVE-2023-25691 was published for apache-airflow-providers-google (pip) Feb 24, 2023

Clash for Windows v0.20.12 was discovered to contain a remote code execution (RCE) vulnerability...
Critical | Unreviewed | CVE-2023-24205 was published Feb 24, 2023

The affected products are vulnerable to an improper validation of array index, which could allow...
Critical | Unreviewed | CVE-2023-0755 was published Feb 24, 2023

The affected products are vulnerable to an integer overflow or wraparound, which could allow an...
Critical | Unreviewed | CVE-2023-0754 was published Feb 24, 2023

Code injection in pdf_info
Critical | CVE-2022-36231 was published for pdf_info (RubyGems) Feb 24, 2023

Cerebrate 1.12 does not properly consider organisation_id during creation of API keys.
Critical | Unreviewed | CVE-2023-26468 was published Feb 24, 2023

Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the timeType function at ...
Critical | Unreviewed | CVE-2023-24212 was published Feb 24, 2023

Undertow client not checking server identity presented by server certificate in https connections
Critical | CVE-2022-4492 was published for io.undertow:undertow-core (Maven) Feb 23, 2023

ProTip! Advisories are also available from the GraphQL API