Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,121
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

387 advisories

Loading
NVIDIA nvJPEG2000 Library for Windows and Linux contains a vulnerability where improper input... Low Unreviewed
CVE-2023-31028 was published Apr 5, 2024
A segmentation fault flaw was found in the Advancecomp package. This may lead to decreased... Low Unreviewed
CVE-2023-2961 was published Jun 6, 2023
cPanel before 62.0.17 allows file overwrite when renaming an account (SEC-219). Low Unreviewed
CVE-2017-18458 was published May 24, 2022
cPanel before 68.0.15 allows collisions because PostgreSQL databases can be assigned to multiple... Low Unreviewed
CVE-2017-18392 was published May 24, 2022
cPanel before 71.9980.37 allows arbitrary file-unlink operations via the cPAddons moderation... Low Unreviewed
CVE-2018-20897 was published May 24, 2022
An issue was discovered in versions earlier than 1.3.2 for Polycom RealPresence Debut where the... Low Unreviewed
CVE-2018-10947 was published May 24, 2022
Concrete CMS Stored XSS in the Search Field Low
CVE-2024-3181 was published for concrete5/concrete5 (Composer) Apr 3, 2024
Concrete CMS Stored XSS in the Custom Class page editing Low
CVE-2024-3179 was published for concrete5/concrete5 (Composer) Apr 3, 2024
Concrete CMS Cross-site Scripting (XSS) in the Advanced File Search Filter Low
CVE-2024-3178 was published for concrete5/concrete5 (Composer) Apr 3, 2024
Concrete CMS Stored XSS on the calendar color settings screen Low
CVE-2024-2753 was published for concrete5/concrete5 (Composer) Apr 3, 2024
net/ipv4/udp.c in the Linux kernel before 2.6.29.1 performs an unlocking step in certain... Low Unreviewed
CVE-2009-1243 was published May 2, 2022
Concrete CMS vulnerable to reflected XSS via the Image URL Import Feature Low
CVE-2024-1246 was published for concrete5/concrete5 (Composer) Feb 9, 2024
Concrete CMS vulnerable to stored XSS in file tags and description attributes Low
CVE-2024-1245 was published for concrete5/concrete5 (Composer) Feb 9, 2024
Concrete CMS vulnerable to stored XSS via the Role Name field Low
CVE-2024-1247 was published for concrete5/concrete5 (Composer) Feb 9, 2024
Improper Input Validation vulnerability in the upload functionality for user avatars allows... Low Unreviewed
CVE-2024-23790 was published Jan 29, 2024
IBM Storage Ceph 5.3z1, 5.3z5, and 6.1z1 could allow an authenticated user on the network to... Low Unreviewed
CVE-2023-46159 was published Feb 2, 2024
There is a DLL hijacking vulnerability in ZTE ZXCLOUD iRAI, an attacker could place a fake DLL... Low Unreviewed
CVE-2023-41782 was published Jan 5, 2024
A denial of service vulnerability exists when Microsoft SQL Server Management Studio (SSMS)... Low Unreviewed
CVE-2020-1455 was published May 24, 2022
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to... Low Unreviewed
CVE-2020-0904 was published May 24, 2022
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow an... Low Unreviewed
CVE-2023-22329 was published Nov 14, 2023
Jenkins Resource Disposer Plugin allows attacker to stop tracking specified resource Low
CVE-2018-1999037 was published for org.jenkins-ci.plugins:resource-disposer (Maven) May 14, 2022
Improper input validation of a large HTTP request in the Controller 6000 and Controller 7000... Low Unreviewed
CVE-2023-22439 was published Dec 19, 2023
Adobe Experience Manager versions 6.5.18 and earlier are affected by an Improper Input Validation... Low Unreviewed
CVE-2023-48608 was published Dec 15, 2023
Improper input validation vulnerability in Newsletter Software SuperMailer affecting version 11... Low Unreviewed
CVE-2023-6381 was published Dec 13, 2023
Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to... Low Unreviewed
CVE-2023-5274 was published Nov 30, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database