GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
10,675 advisories
Filter by severity
HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user...
Low
Unreviewed
CVE-2023-28022
was published
Dec 16, 2023
yii2-authclient vulnerable to possible timing attack on string comparison in OAuth1, OAuth2 and OpenID Connect implementation
Low
CVE-2023-50708
was published
for
yiisoft/yii2-authclient
(Composer)
Dec 18, 2023
Improper input validation of a large HTTP request in the Controller 6000 and Controller 7000...
Low
Unreviewed
CVE-2023-22439
was published
Dec 19, 2023
Sensitive information uncleared after debug/power state transition in the Controller 6000 could...
Low
Unreviewed
CVE-2023-41967
was published
Dec 19, 2023
A flaw was found in the libssh implements abstract layer for message digest (MD) operations...
Low
Unreviewed
CVE-2023-6918
was published
Dec 19, 2023
A vulnerability has been found in SourceCodester Online Student Management System 1.0 and...
Low
Unreviewed
CVE-2023-6945
was published
Dec 19, 2023
Authorization Bypass Through User-Controlled Key vulnerability in gVectors Team Comments –...
Low
Unreviewed
CVE-2023-46311
was published
Dec 20, 2023
Stored Cross-site scripting affecting automad/automad
Low
CVE-2023-7035
was published
for
automad/automad
(Composer)
Dec 21, 2023
A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on...
Low
Unreviewed
CVE-2023-6690
was published
Dec 21, 2023
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed...
Low
Unreviewed
CVE-2023-51380
was published
Dec 21, 2023
A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0. It has been declared as...
Low
Unreviewed
CVE-2023-7053
was published
Dec 22, 2023
A vulnerability classified as problematic was found in code-projects Faculty Management System 1...
Low
Unreviewed
CVE-2023-7056
was published
Dec 22, 2023
Nautobot missing object-level permissions enforcement when running Job Buttons
Low
CVE-2023-51649
was published
for
nautobot
(pip)
Dec 22, 2023
A vulnerability was found in w3c online-spellchecker-py up to 20140130. It has been rated as...
Low
Unreviewed
CVE-2014-125108
was published
Dec 23, 2023
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic was found in icret...
Low
Unreviewed
CVE-2023-7098
was published
Dec 25, 2023
A flaw was found in Infinispan. When serializing the configuration for a cache to XML/JSON/YAML,...
Low
Unreviewed
CVE-2023-5384
was published
Dec 28, 2023
A vulnerability was found in code-projects Intern Membership Management System 2.0. It has been...
Low
Unreviewed
CVE-2023-7132
was published
Dec 28, 2023
A vulnerability classified as problematic has been found in code-projects Record Management...
Low
Unreviewed
CVE-2023-7135
was published
Dec 28, 2023
A vulnerability classified as problematic was found in code-projects Record Management System 1.0...
Low
Unreviewed
CVE-2023-7136
was published
Dec 28, 2023
Winter CMS Stored XSS through privileged upload of Media Manager file followed by renaming
Low
CVE-2023-52083
was published
for
winter/wn-system-module
(Composer)
Dec 28, 2023
Winter CMS Stored XSS through Backend ColorPicker FormWidget
Low
CVE-2023-52084
was published
for
winter/wn-backend-module
(Composer)
Dec 28, 2023
A vulnerability was found in code-projects Client Details System 1.0. It has been rated as...
Low
Unreviewed
CVE-2023-7143
was published
Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Low
Unreviewed
CVE-2023-23428
was published
Dec 29, 2023
Some Honor products are affected by information leak vulnerability, successful exploitation...
Low
Unreviewed
CVE-2023-23437
was published
Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Low
Unreviewed
CVE-2023-23430
was published
Dec 29, 2023
ProTip!
Advisories are also available from the
GraphQL API