GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,964
Erlang
29
GitHub Actions
16
Go
1,746
Maven
4,974
npm
3,507
NuGet
609
pip
3,071
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+
974 advisories
Filter by severity
An issue in Univention UCS v.5.0 allows a local attacker to execute arbitrary code and gain...
High
Unreviewed
CVE-2023-38994
was published
Oct 31, 2023
org.xwiki.platform:xwiki-platform-oldcore may leak data through deleted and re-created documents
Moderate
CVE-2023-37911
was published
for
org.xwiki.platform:xwiki-platform-oldcore
(Maven)
Oct 25, 2023
An issue in WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 allows unauthenticated attackers...
Critical
Unreviewed
CVE-2023-45911
was published
Oct 18, 2023
MantisBT may disclose project names to unauthorized users
Moderate
CVE-2023-44394
was published
for
mantisbt/mantisbt
(Composer)
Oct 17, 2023
Archer Platform 6.x before 6.13 P2 HF2 (6.13.0.2.2) contains a sensitive information disclosure...
Moderate
Unreviewed
CVE-2023-45357
was published
Oct 17, 2023
The WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the...
Moderate
Unreviewed
CVE-2023-4933
was published
Oct 16, 2023
IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to...
Moderate
Unreviewed
CVE-2023-35013
was published
Oct 16, 2023
Apache Airflow vulnerable to privilege escalation
Moderate
CVE-2023-42792
was published
for
apache-airflow
(pip)
Oct 14, 2023
An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4...
Moderate
Unreviewed
CVE-2023-32275
was published
Oct 12, 2023
Broadcast permission control vulnerability in the Bluetooth module.Successful exploitation of...
Moderate
Unreviewed
CVE-2023-44102
was published
Oct 11, 2023
The Bluetooth module has a vulnerability in permission control for broadcast notifications...
High
Unreviewed
CVE-2023-44101
was published
Oct 11, 2023
Remote Procedure Call Information Disclosure Vulnerability
High
Unreviewed
CVE-2023-36596
was published
Oct 10, 2023
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2023-36429
was published
Oct 10, 2023
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to a source code...
Moderate
Unreviewed
CVE-2023-30802
was published
Oct 10, 2023
The vulnerability is to theft of arbitrary files with system privilege in the LockScreenSettings ...
High
Unreviewed
CVE-2023-44122
was published
Sep 27, 2023
The vulnerability is to theft of arbitrary files with system privilege in the Screen recording (...
Low
Unreviewed
CVE-2023-44124
was published
Sep 27, 2023
** DISPUTED ** Plesk Onyx 17.8.11 has accessKeyId and secretAccessKey fields that are related to...
High
Unreviewed
CVE-2023-43784
was published
Sep 22, 2023
Cadence through 0.9.2 2023-08-21 uses an Insecure /tmp/cadence-wineasio.reg Temporary File. The...
High
Unreviewed
CVE-2023-43783
was published
Sep 22, 2023
Cadence through 0.9.2 2023-08-21 uses an Insecure /tmp/.cadence-aloop-daemon.x Temporary File....
Moderate
Unreviewed
CVE-2023-43782
was published
Sep 22, 2023
NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a...
Moderate
Unreviewed
CVE-2023-31014
was published
Sep 20, 2023
An information leak in youmart-tokunaga v13.6.1 allows attackers to obtain the channel access...
Moderate
Unreviewed
CVE-2023-39049
was published
Sep 19, 2023
An information leak in Coffee-jumbo v13.6.1 allows attackers to obtain the channel access token...
Moderate
Unreviewed
CVE-2023-39056
was published
Sep 19, 2023
An information leak in TonTon-Tei_waiting Line v13.6.1 allows attackers to obtain the channel...
Moderate
Unreviewed
CVE-2023-39046
was published
Sep 19, 2023
SpringBlade <=V3.6.0 is vulnerable to Incorrect Access Control due to incorrect configuration in...
Moderate
Unreviewed
CVE-2023-40788
was published
Sep 19, 2023
An information leak in Cheese Cafe Line v13.6.1 allows attackers to obtain the channel access...
Moderate
Unreviewed
CVE-2023-39040
was published
Sep 18, 2023
ProTip!
Advisories are also available from the
GraphQL API