Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,096 advisories

Loading
A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE... Critical Unreviewed
CVE-2023-44373 was published Nov 14, 2023
Magnesium-PHP Injection vulnerability Low
CVE-2017-20187 was published for floriangaerber/magnesium (Composer) Nov 5, 2023
A CRLF injection vulnerability has been found in ManageEngine Desktop Central affecting version 9... Moderate Unreviewed
CVE-2023-4767 was published Nov 3, 2023
Dolibarr Improper Input Validation vulnerability High
CVE-2023-4197 was published for dolibarr/dolibarr (Composer) Nov 1, 2023
HTML and SMTP injections on the registration page of LiquidFiles versions 3.7.13 and below, allow... Moderate Unreviewed
CVE-2023-4393 was published Oct 30, 2023
juzawebCMS Injection vulnerability High
CVE-2023-46468 was published for juzaweb/cms (Composer) Oct 28, 2023
Ingress nginx annotation injection causes arbitrary command execution High
CVE-2023-5043 was published for k8s.io/ingress-nginx (Go) Oct 25, 2023
Langchain SQL Injection vulnerability Critical
CVE-2023-32785 was published for langchain (pip) Oct 21, 2023
Langchain Server-Side Request Forgery vulnerability High
CVE-2023-32786 was published for langchain (pip) Oct 21, 2023
eyurtsev
Terminal character injection in Mintty before 3.6.3 allows code execution via unescaped output to... Critical Unreviewed
CVE-2022-47583 was published Oct 19, 2023
An issue in Jorani Leave Management System 1.0.3 allows a remote attacker to execute arbitrary... Moderate Unreviewed
CVE-2023-45540 was published Oct 17, 2023
Cachet vulnerable to Authenticated Remote Code Execution Critical
CVE-2023-43661 was published for cachethq/cachet (Composer) Oct 16, 2023
rive-n
SQL Injection in Apache InLong High
CVE-2023-43667 was published for org.apache.inlong:inlong (Maven) Oct 16, 2023
Clone vulnerability in the huks ta module.Successful exploitation of this vulnerability may... High Unreviewed
CVE-2023-44109 was published Oct 11, 2023
ThingsBoard Server-Side Template Injection High
CVE-2023-45303 was published for org.thingsboard:thingsboard (Maven) Oct 6, 2023
A content spoofing flaw was found in OpenShift's OAuth endpoint. This flaw allows a remote,... Moderate Unreviewed
CVE-2022-4145 was published Oct 5, 2023
A code injection vulnerability in Trellix ENS 10.7.0 April 2023 release and earlier, allowed a... High Unreviewed
CVE-2023-3665 was published Oct 4, 2023
Super Store Finder 3.7 and below is vulnerable to authenticated Arbitrary PHP Code Injection that... High Unreviewed
CVE-2023-43835 was published Oct 2, 2023
Phpipam before v1.5.2 was discovered to contain a LDAP injection vulnerability via the dname... High Unreviewed
CVE-2023-41580 was published Oct 2, 2023
PostCSS line return parsing error Moderate
CVE-2023-44270 was published for postcss (npm) Sep 30, 2023
DCKcode
Composer Remote Code Execution vulnerability via web-accessible composer.phar High
CVE-2023-43655 was published for composer/composer (Composer) Sep 29, 2023
thomas-chauchefoin-sonarsource
An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8,... High Unreviewed
CVE-2023-3922 was published Sep 29, 2023
All versions of the package ithewei/libhv are vulnerable to CRLF Injection when untrusted user... Moderate Unreviewed
CVE-2023-26148 was published Sep 29, 2023
Searchor CLI's Search vulnerable to Arbitrary Code using Eval Critical
CVE-2023-43364 was published for searchor (pip) Sep 25, 2023
Kiali content spoofing vulnerability Moderate
CVE-2022-3962 was published for github.com/kiali/kiali (Go) Sep 23, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database