GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,342
Composer 3,964
Erlang 29
GitHub Actions 16
Go 1,746
Maven 4,974
npm 3,507
NuGet 609
pip 3,071
Pub 10
RubyGems 832
Rust 780
Swift 34

Unreviewed advisories

All unreviewed 220,933

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

974 advisories

Filter by severity

Sort by

Least recently updated

An issue in Univention UCS v.5.0 allows a local attacker to execute arbitrary code and gain... High Unreviewed

CVE-2023-38994 was published Oct 31, 2023

org.xwiki.platform:xwiki-platform-oldcore may leak data through deleted and re-created documents Moderate

CVE-2023-37911 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Oct 25, 2023

An issue in WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 allows unauthenticated attackers... Critical Unreviewed

CVE-2023-45911 was published Oct 18, 2023

MantisBT may disclose project names to unauthorized users Moderate

CVE-2023-44394 was published for mantisbt/mantisbt (Composer) Oct 17, 2023

Archer Platform 6.x before 6.13 P2 HF2 (6.13.0.2.2) contains a sensitive information disclosure... Moderate Unreviewed

CVE-2023-45357 was published Oct 17, 2023

The WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the... Moderate Unreviewed

CVE-2023-4933 was published Oct 16, 2023

IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to... Moderate Unreviewed

CVE-2023-35013 was published Oct 16, 2023

Apache Airflow vulnerable to privilege escalation Moderate

CVE-2023-42792 was published for apache-airflow (pip) Oct 14, 2023

An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4... Moderate Unreviewed

CVE-2023-32275 was published Oct 12, 2023

Broadcast permission control vulnerability in the Bluetooth module.Successful exploitation of... Moderate Unreviewed

CVE-2023-44102 was published Oct 11, 2023

The Bluetooth module has a vulnerability in permission control for broadcast notifications... High Unreviewed

CVE-2023-44101 was published Oct 11, 2023

Remote Procedure Call Information Disclosure Vulnerability High Unreviewed

CVE-2023-36596 was published Oct 10, 2023

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability Moderate Unreviewed

CVE-2023-36429 was published Oct 10, 2023

The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to a source code... Moderate Unreviewed

CVE-2023-30802 was published Oct 10, 2023

The vulnerability is to theft of arbitrary files with system privilege in the LockScreenSettings ... High Unreviewed

CVE-2023-44122 was published Sep 27, 2023

The vulnerability is to theft of arbitrary files with system privilege in the Screen recording (... Low Unreviewed

CVE-2023-44124 was published Sep 27, 2023

** DISPUTED ** Plesk Onyx 17.8.11 has accessKeyId and secretAccessKey fields that are related to... High Unreviewed

CVE-2023-43784 was published Sep 22, 2023

Cadence through 0.9.2 2023-08-21 uses an Insecure /tmp/cadence-wineasio.reg Temporary File. The... High Unreviewed

CVE-2023-43783 was published Sep 22, 2023

Cadence through 0.9.2 2023-08-21 uses an Insecure /tmp/.cadence-aloop-daemon.x Temporary File.... Moderate Unreviewed

CVE-2023-43782 was published Sep 22, 2023

NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a... Moderate Unreviewed

CVE-2023-31014 was published Sep 20, 2023

An information leak in youmart-tokunaga v13.6.1 allows attackers to obtain the channel access... Moderate Unreviewed

CVE-2023-39049 was published Sep 19, 2023

An information leak in Coffee-jumbo v13.6.1 allows attackers to obtain the channel access token... Moderate Unreviewed

CVE-2023-39056 was published Sep 19, 2023

An information leak in TonTon-Tei_waiting Line v13.6.1 allows attackers to obtain the channel... Moderate Unreviewed

CVE-2023-39046 was published Sep 19, 2023

SpringBlade <=V3.6.0 is vulnerable to Incorrect Access Control due to incorrect configuration in... Moderate Unreviewed

CVE-2023-40788 was published Sep 19, 2023

An information leak in Cheese Cafe Line v13.6.1 allows attackers to obtain the channel access... Moderate Unreviewed

CVE-2023-39040 was published Sep 18, 2023

Previous 1 2 3 4 5 … 38 39 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

974 advisories