GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
12,433 advisories
A vulnerability, which was classified as problematic, has been found in PHPEMS 7.0. This issue...
Low | Unreviewed | CVE-2023-6472 was published Dec 2, 2023
A vulnerability was found in ระบบบัญชีออนไลน์ Online Accounting System up to 1.4.0 and classified...
Low | Unreviewed | CVE-2018-25094 was published Dec 3, 2023
Improper usage of implicit intent in Contacts prior to SMR Dec-2023 Release 1 allows attacker to...
Low | Unreviewed | CVE-2023-42556 was published Dec 5, 2023
Implicit intent hijacking vulnerability in Samsung Account Web SDK prior to version 1.5.24 allows...
Low | Unreviewed | CVE-2023-42572 was published Dec 5, 2023
Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain...
Low | Unreviewed | CVE-2023-44298 was published Dec 5, 2023
An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without...
Low | Unreviewed | CVE-2023-45085 was published Dec 5, 2023
Canonical LXD documentation improvement to make clear restricted.devices.disk=allow without restricted.devices.disk.paths also allows shift=true
Low | GHSA-x9qq-236j-gj97 was published for github.com/canonical/lxd (Go) Dec 5, 2023
PyDrive2's unsafe YAML deserialization in LoadSettingsFile allows arbitrary code execution
Low | CVE-2023-49297 was published for PyDrive2 (pip) Dec 5, 2023
eventing-github vulnerable to denial of service caused by improper enforcement of the timeout on individual read operations
Low | GHSA-v7hc-87jc-qrrr was published for knative.dev/eventing-github (Go) Dec 6, 2023
Microweber missing standardized error handling mechanism
Low | CVE-2023-6599 was published for microweber/microweber (Composer) Dec 8, 2023
dbt-core's secret env vars written to package-lock.json in plaintext
Low | GHSA-j4g3-3q8x-jxqp was published for dbt-core (pip) Dec 8, 2023
A vulnerability classified as problematic was found in Typecho 1.2.1. Affected by this...
Low | Unreviewed | CVE-2023-6614 was published Dec 8, 2023
A vulnerability, which was classified as problematic, has been found in Typecho 1.2.1. Affected...
Low | Unreviewed | CVE-2023-6615 was published Dec 8, 2023
A vulnerability classified as problematic has been found in Typecho 1.2.1. Affected is an unknown...
Low | Unreviewed | CVE-2023-6613 was published Dec 8, 2023
eventing-gitlab vulnerable to denial of service, caused by improper enforcement of the timeout on individual read operations
Low | GHSA-99jv-8292-2hpm was published for knative.dev/eventing-gitlab (Go) Dec 8, 2023
A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background...
Low | Unreviewed | CVE-2023-5870 was published Dec 10, 2023
In Eclipse Memory Analyzer versions 0.7 to 1.14.0, report definition XML files are not filtered...
Low | Unreviewed | CVE-2023-6194 was published Dec 11, 2023
Stale copy of the public suffix list
Low | GHSA-w4x6-hh3x-wjrx was published for Gsemac.Net (NuGet) Dec 11, 2023
This issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.2...
Low | Unreviewed | CVE-2023-42874 was published Dec 12, 2023
SAP Cloud Connector - version 2.0, allows an authenticated user with low privilege to perform...
Low | Unreviewed | CVE-2023-49578 was published Dec 12, 2023
SAP Master Data Governance File Upload application allows an attacker to exploit insufficient...
Low | Unreviewed | CVE-2023-49058 was published Dec 12, 2023
Mattermost fails to validate team membership when a user attempts to access a playbook, allowing...
Low | Unreviewed | CVE-2023-6547 was published Dec 12, 2023
Mattermost fails to perform correct authorization checks when creating a playbook action,...
Low | Unreviewed | CVE-2023-6727 was published Dec 12, 2023
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The REST API...
Low | Unreviewed | CVE-2023-48430 was published Dec 12, 2023
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The Web UI...
Low | Unreviewed | CVE-2023-48429 was published Dec 12, 2023
ProTip! Advisories are also available from the GraphQL API.