GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
27,475 advisories
Bouncy Castle Denial of Service (DoS)
Moderate
CVE-2023-33202
was published
for
org.bouncycastle:bcpkix-jdk18on
(Maven)
Nov 23, 2023
Apache Storm Local Information Disclosure Vulnerability in Storm-core on Unix-Like systems due temporary files
Moderate
CVE-2023-43123
was published
for
org.apache.storm:storm-core
(Maven)
Nov 23, 2023
Cross-site Scripting via uploaded assets
High
CVE-2023-48701
was published
for
statamic/cms
(Composer)
Nov 22, 2023
SQL injection in Apache Submarine
Critical
CVE-2023-37924
was published
for
apache-submarine
(pip)
Nov 22, 2023
Exposure of Sensitive Information in Elastic APM .NET Agent
Low
CVE-2021-22143
was published
for
Elastic.Apm
(NuGet)
Nov 22, 2023
Clear Text Credentials Exposed via Onboarding Task
Moderate
CVE-2023-48700
was published
for
nautobot-device-onboarding
(pip)
Nov 21, 2023
Download to arbitrary folder can lead to RCE
High
CVE-2023-47890
was published
for
pyload-ng
(pip)
Nov 21, 2023
Decryption of malicious PBES2 JWE objects can consume unbounded system resources
Moderate
GHSA-2c7c-3mj9-8fqh
was published
for
github.com/go-jose/go-jose/v3
(Go)
Nov 21, 2023
Possible user mocking that bypasses basic authentication
Moderate
CVE-2023-48309
was published
for
next-auth
(npm)
Nov 20, 2023
ProTip!
Advisories are also available from the
GraphQL API