Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

10,675 advisories

Loading
HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user... Low Unreviewed
CVE-2023-28022 was published Dec 16, 2023
yii2-authclient vulnerable to possible timing attack on string comparison in OAuth1, OAuth2 and OpenID Connect implementation Low
CVE-2023-50708 was published for yiisoft/yii2-authclient (Composer) Dec 18, 2023
rhertogh
Improper input validation of a large HTTP request in the Controller 6000 and Controller 7000... Low Unreviewed
CVE-2023-22439 was published Dec 19, 2023
Sensitive information uncleared after debug/power state transition in the Controller 6000 could... Low Unreviewed
CVE-2023-41967 was published Dec 19, 2023
A flaw was found in the libssh implements abstract layer for message digest (MD) operations... Low Unreviewed
CVE-2023-6918 was published Dec 19, 2023
A vulnerability has been found in SourceCodester Online Student Management System 1.0 and... Low Unreviewed
CVE-2023-6945 was published Dec 19, 2023
Authorization Bypass Through User-Controlled Key vulnerability in gVectors Team Comments –... Low Unreviewed
CVE-2023-46311 was published Dec 20, 2023
Stored Cross-site scripting affecting automad/automad Low
CVE-2023-7035 was published for automad/automad (Composer) Dec 21, 2023
A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on... Low Unreviewed
CVE-2023-6690 was published Dec 21, 2023
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed... Low Unreviewed
CVE-2023-51380 was published Dec 21, 2023
A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0. It has been declared as... Low Unreviewed
CVE-2023-7053 was published Dec 22, 2023
A vulnerability classified as problematic was found in code-projects Faculty Management System 1... Low Unreviewed
CVE-2023-7056 was published Dec 22, 2023
Nautobot missing object-level permissions enforcement when running Job Buttons Low
CVE-2023-51649 was published for nautobot (pip) Dec 22, 2023
abdikanipd
A vulnerability was found in w3c online-spellchecker-py up to 20140130. It has been rated as... Low Unreviewed
CVE-2014-125108 was published Dec 23, 2023
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic was found in icret... Low Unreviewed
CVE-2023-7098 was published Dec 25, 2023
A flaw was found in Infinispan. When serializing the configuration for a cache to XML/JSON/YAML,... Low Unreviewed
CVE-2023-5384 was published Dec 28, 2023
A vulnerability was found in code-projects Intern Membership Management System 2.0. It has been... Low Unreviewed
CVE-2023-7132 was published Dec 28, 2023
A vulnerability classified as problematic has been found in code-projects Record Management... Low Unreviewed
CVE-2023-7135 was published Dec 28, 2023
A vulnerability classified as problematic was found in code-projects Record Management System 1.0... Low Unreviewed
CVE-2023-7136 was published Dec 28, 2023
Winter CMS Stored XSS through privileged upload of Media Manager file followed by renaming Low
CVE-2023-52083 was published for winter/wn-system-module (Composer) Dec 28, 2023
Cyber-Wo0dy
Winter CMS Stored XSS through Backend ColorPicker FormWidget Low
CVE-2023-52084 was published for winter/wn-backend-module (Composer) Dec 28, 2023
Sanineng
A vulnerability was found in code-projects Client Details System 1.0. It has been rated as... Low Unreviewed
CVE-2023-7143 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Low Unreviewed
CVE-2023-23428 was published Dec 29, 2023
Some Honor products are affected by information leak vulnerability, successful exploitation... Low Unreviewed
CVE-2023-23437 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Low Unreviewed
CVE-2023-23430 was published Dec 29, 2023
ProTip! Advisories are also available from the GraphQL API