GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,096 advisories
Filter by severity
A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE...
Critical
Unreviewed
CVE-2023-44373
was published
Nov 14, 2023
Magnesium-PHP Injection vulnerability
Low
CVE-2017-20187
was published
for
floriangaerber/magnesium
(Composer)
Nov 5, 2023
A CRLF injection vulnerability has been found in ManageEngine Desktop Central affecting version 9...
Moderate
Unreviewed
CVE-2023-4767
was published
Nov 3, 2023
Dolibarr Improper Input Validation vulnerability
High
CVE-2023-4197
was published
for
dolibarr/dolibarr
(Composer)
Nov 1, 2023
HTML and SMTP injections on the registration page of LiquidFiles versions 3.7.13 and below, allow...
Moderate
Unreviewed
CVE-2023-4393
was published
Oct 30, 2023
juzawebCMS Injection vulnerability
High
CVE-2023-46468
was published
for
juzaweb/cms
(Composer)
Oct 28, 2023
Ingress nginx annotation injection causes arbitrary command execution
High
CVE-2023-5043
was published
for
k8s.io/ingress-nginx
(Go)
Oct 25, 2023
Langchain SQL Injection vulnerability
Critical
CVE-2023-32785
was published
for
langchain
(pip)
Oct 21, 2023
Langchain Server-Side Request Forgery vulnerability
High
CVE-2023-32786
was published
for
langchain
(pip)
Oct 21, 2023
Terminal character injection in Mintty before 3.6.3 allows code execution via unescaped output to...
Critical
Unreviewed
CVE-2022-47583
was published
Oct 19, 2023
An issue in Jorani Leave Management System 1.0.3 allows a remote attacker to execute arbitrary...
Moderate
Unreviewed
CVE-2023-45540
was published
Oct 17, 2023
Cachet vulnerable to Authenticated Remote Code Execution
Critical
CVE-2023-43661
was published
for
cachethq/cachet
(Composer)
Oct 16, 2023
SQL Injection in Apache InLong
High
CVE-2023-43667
was published
for
org.apache.inlong:inlong
(Maven)
Oct 16, 2023
Clone vulnerability in the huks ta module.Successful exploitation of this vulnerability may...
High
Unreviewed
CVE-2023-44109
was published
Oct 11, 2023
ThingsBoard Server-Side Template Injection
High
CVE-2023-45303
was published
for
org.thingsboard:thingsboard
(Maven)
Oct 6, 2023
A content spoofing flaw was found in OpenShift's OAuth endpoint. This flaw allows a remote,...
Moderate
Unreviewed
CVE-2022-4145
was published
Oct 5, 2023
A code injection vulnerability in Trellix ENS 10.7.0 April 2023 release and earlier, allowed a...
High
Unreviewed
CVE-2023-3665
was published
Oct 4, 2023
Super Store Finder 3.7 and below is vulnerable to authenticated Arbitrary PHP Code Injection that...
High
Unreviewed
CVE-2023-43835
was published
Oct 2, 2023
Phpipam before v1.5.2 was discovered to contain a LDAP injection vulnerability via the dname...
High
Unreviewed
CVE-2023-41580
was published
Oct 2, 2023
PostCSS line return parsing error
Moderate
CVE-2023-44270
was published
for
postcss
(npm)
Sep 30, 2023
Composer Remote Code Execution vulnerability via web-accessible composer.phar
High
CVE-2023-43655
was published
for
composer/composer
(Composer)
Sep 29, 2023
An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8,...
High
Unreviewed
CVE-2023-3922
was published
Sep 29, 2023
All versions of the package ithewei/libhv are vulnerable to CRLF Injection when untrusted user...
Moderate
Unreviewed
CVE-2023-26148
was published
Sep 29, 2023
Searchor CLI's Search vulnerable to Arbitrary Code using Eval
Critical
CVE-2023-43364
was published
for
searchor
(pip)
Sep 25, 2023
Kiali content spoofing vulnerability
Moderate
CVE-2022-3962
was published
for
github.com/kiali/kiali
(Go)
Sep 23, 2023
ProTip!
Advisories are also available from the
GraphQL API