Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,432 advisories

Loading
A flaw was found in the mod_proxy_cluster in the Apache server. This issue may allow a malicious... Low Unreviewed
CVE-2023-6710 was published Dec 13, 2023
An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and... Low Unreviewed
CVE-2023-47536 was published Dec 13, 2023
An improper neutralization of input during web page generation ('cross-site scripting') in... Low Unreviewed
CVE-2023-45587 was published Dec 13, 2023
A improper neutralization of input during web page generation ('cross-site scripting') in... Low Unreviewed
CVE-2023-41844 was published Dec 13, 2023
Improper input validation vulnerability in Newsletter Software SuperMailer affecting version 11... Low Unreviewed
CVE-2023-6381 was published Dec 13, 2023
Possible injection of HTML into user invite mails Low
CVE-2023-38694 was published for Umbraco.CMS (NuGet) Dec 13, 2023
Backoffice User can bypass "Publish" restriction Low
CVE-2023-48227 was published for Umbraco.CMS (NuGet) Dec 13, 2023
roie-shmuel
Using the directory back payload (“/../”) in a package name allows placement of package in other folders. Low
CVE-2023-49089 was published for Umbraco.CMS (NuGet) Dec 13, 2023
mjalt96
SMTP misconfiguration leading to "Forgot Password" exploit that leaks registered user email. Low
CVE-2023-49274 was published for Umbraco.CMS (NuGet) Dec 13, 2023
emmagarland
Brute force exploit can be used to collect valid usernames Low
CVE-2023-49278 was published for Umbraco.CMS (NuGet) Dec 13, 2023
Stored XSS via SVG File Upload Low
CVE-2023-49279 was published for Umbraco.CMS (NuGet) Dec 13, 2023
S3ntago
Unauthenticated db-file-storage views Low
CVE-2023-50263 was published for nautobot (pip) Dec 13, 2023
Kircheneer
Broken access control in Silverpeas Low
CVE-2023-47320 was published for org.silverpeas.core:silverpeas-core-war (Maven) Dec 13, 2023
An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an... Low Unreviewed
CVE-2023-6793 was published Dec 13, 2023
Sensitive information disclosure and manipulation due to missing authorization. The following... Low Unreviewed
CVE-2023-48676 was published Dec 14, 2023
Ref methods into_ref, into_mut, into_slice, and into_slice_mut are unsound when used with cell::Ref or cell::RefMut Low
GHSA-3mv5-343c-w2qg was published for zerocopy (Rust) Dec 15, 2023
Adobe Experience Manager versions 6.5.18 and earlier are affected by an Improper Input Validation... Low Unreviewed
CVE-2023-48608 was published Dec 15, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 8.17 before 16.4.4... Low Unreviewed
CVE-2023-3511 was published Dec 15, 2023
nvdApiKey is logged in debug mode Low
GHSA-qqhq-8r2c-c3f5 was published for org.owasp:dependency-check-ant (Maven) Dec 15, 2023
hott-box
HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user... Low Unreviewed
CVE-2023-28022 was published Dec 16, 2023
yii2-authclient vulnerable to possible timing attack on string comparison in OAuth1, OAuth2 and OpenID Connect implementation Low
CVE-2023-50708 was published for yiisoft/yii2-authclient (Composer) Dec 18, 2023
rhertogh
Improper input validation of a large HTTP request in the Controller 6000 and Controller 7000... Low Unreviewed
CVE-2023-22439 was published Dec 19, 2023
Sensitive information uncleared after debug/power state transition in the Controller 6000 could... Low Unreviewed
CVE-2023-41967 was published Dec 19, 2023
A flaw was found in the libssh implements abstract layer for message digest (MD) operations... Low Unreviewed
CVE-2023-6918 was published Dec 19, 2023
A vulnerability has been found in SourceCodester Online Student Management System 1.0 and... Low Unreviewed
CVE-2023-6945 was published Dec 19, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database