GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,410
Composer 3,972
Erlang 29
GitHub Actions 16
Go 1,762
Maven 4,983
npm 3,518
NuGet 609
pip 3,094
Pub 10
RubyGems 833
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,725

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

100,773 advisories

Filter by severity

Sort by

Least recently updated

Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker... Moderate Unreviewed

CVE-2023-43342 was published Oct 20, 2023

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute... Moderate Unreviewed

CVE-2023-43359 was published Oct 20, 2023

An issue was discovered in TrEEConfigDriver in Insyde InsydeH2O with kernel 5.0 through 5.5. It... Moderate Unreviewed

CVE-2023-30633 was published Oct 19, 2023

The affected product is vulnerable to an exposure of sensitive information to an... Moderate Unreviewed

CVE-2023-42666 was published Oct 19, 2023

The affected product is vulnerable to a cleartext transmission of sensitive... Moderate Unreviewed

CVE-2023-41088 was published Oct 19, 2023

The affected product is vulnerable to a cross-site scripting vulnerability, which could allow an... Moderate Unreviewed

CVE-2023-40153 was published Oct 19, 2023

** UNSUPPORTED WHEN ASSIGNED ** D-Link (Non-US) DSL-2750U N300 ADSL2+ and (Non-US) DSL-2730U N150... Moderate Unreviewed

CVE-2023-46033 was published Oct 19, 2023

An issue in Yamcs 5.8.6 allows attackers to obtain the session cookie via upload of crafted HTML... Moderate Unreviewed

CVE-2023-45281 was published Oct 19, 2023

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code... Moderate Unreviewed

CVE-2023-35185 was published Oct 19, 2023

A Path Traversal vulnerability exists in PaperCut NG before 22.1.1 and PaperCut MF before 22.1.1.... Moderate Unreviewed

CVE-2023-31046 was published Oct 19, 2023

A flaw in the TETRA authentication procecure allows a MITM adversary that can predict the MS... Moderate Unreviewed

CVE-2022-24400 was published Oct 19, 2023

The AES implementation in the Texas Instruments OMAP L138 (secure variants), present in mask ROM,... Moderate Unreviewed

CVE-2022-25332 was published Oct 19, 2023

In spring AMQP versions 1.0.0 to 2.4.16 and 3.0.0 to 3.0.9 , allowed list patterns for... Moderate Unreviewed

CVE-2023-34050 was published Oct 19, 2023

The ChatBot plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up... Moderate Unreviewed

CVE-2023-5254 was published Oct 19, 2023

The Team Showcase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2023-5639 was published Oct 19, 2023

HCL Compass is vulnerable to failure to invalidate sessions. The application does not invalidate... Moderate Unreviewed

CVE-2023-37504 was published Oct 19, 2023

The iPanorama 360 – WordPress Virtual Tour Builder plugin for WordPress is vulnerable to SQL... Moderate Unreviewed

CVE-2023-5336 was published Oct 19, 2023

The Ad Inserter for WordPress is vulnerable to Sensitive Information Exposure in versions up to,... Moderate Unreviewed

CVE-2023-4645 was published Oct 19, 2023

The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2023-5638 was published Oct 19, 2023

zzzcms v2.2.0 was discovered to contain an open redirect vulnerability. Moderate Unreviewed

CVE-2023-45909 was published Oct 19, 2023

Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a replay... Moderate Unreviewed

CVE-2023-36857 was published Oct 19, 2023

Thirty Bees Core v1.4.0 was discovered to contain a reflected cross-site scripting (XSS)... Moderate Unreviewed

CVE-2023-45958 was published Oct 19, 2023

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager could allow an authenticated,... Moderate Unreviewed

CVE-2023-20261 was published Oct 18, 2023

Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an... Moderate Unreviewed

CVE-2023-5631 was published Oct 18, 2023

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Mad Fish Digital Bulk NoIndex &... Moderate Unreviewed

CVE-2023-45065 was published Oct 18, 2023

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

100,773 advisories