GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,971
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,091
Pub: 10
RubyGems: 833
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
109,387 advisories
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to cross-site scripting...
Moderate | Unreviewed | CVE-2023-23480 was published Jun 8, 2023
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and...
Moderate | Unreviewed | CVE-2023-33846 was published Jun 8, 2023
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and...
Moderate | Unreviewed | CVE-2023-33848 was published Jun 7, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 12.0 before 15.10...
Moderate | Unreviewed | CVE-2023-2589 was published Jun 7, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.1 before 15...
Moderate | Unreviewed | CVE-2023-2485 was published Jun 7, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.8 before 15...
Moderate | Unreviewed | CVE-2023-2015 was published Jun 7, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15...
Moderate | Unreviewed | CVE-2023-0508 was published Jun 7, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 1.2 before 15...
Moderate | Unreviewed | CVE-2023-2013 was published Jun 7, 2023
An issue has been discovered in GitLab CE/EE affecting all versions before 15.10.8, all versions...
Moderate | Unreviewed | CVE-2023-2001 was published Jun 7, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 15.7 before 15.10...
Moderate | Unreviewed | CVE-2023-1825 was published Jun 7, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.11 before 15...
Moderate | Unreviewed | CVE-2023-2442 was published Jun 7, 2023
The 10Web Photo Gallery plugin through 1.5.69 for WordPress allows XSS via theme_id for...
Moderate | Unreviewed | CVE-2021-46889 was published Jun 7, 2023
VMware Tools for Windows (12.x.y prior to 12.1.5, 11.x.y and 10.x.y) contains a denial-of-service...
Moderate | Unreviewed | CVE-2022-31693 was published Jun 7, 2023
The WooCommerce Multi Currency plugin for WordPress is vulnerable to authorization bypass due to...
Moderate | Unreviewed | CVE-2021-4379 was published Jun 7, 2023
Missing HTTP headers (X-Frame-Options, Content-Security-Policy) in KNIME Business Hub before 1.4...
Moderate | Unreviewed | CVE-2023-3140 was published Jun 7, 2023
On Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, an unauthenticated attacker can...
Moderate | Unreviewed | CVE-2023-2187 was published Jun 7, 2023
Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet,...
Moderate | Unreviewed | CVE-2023-0668 was published Jun 7, 2023
Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark...
Moderate | Unreviewed | CVE-2023-0667 was published Jun 7, 2023
Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark...
Moderate | Unreviewed | CVE-2023-0666 was published Jun 7, 2023
The B2BKing plugin for WordPress is vulnerable to unauthorized access of data due to a missing...
Moderate | Unreviewed | CVE-2023-3126 was published Jun 7, 2023
The B2BKing plugin for WordPress is vulnerable to unauthorized modification of data due to a...
Moderate | Unreviewed | CVE-2023-3125 was published Jun 7, 2023
The Better Search plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up...
Moderate | Unreviewed | CVE-2021-4373 was published Jun 7, 2023
The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to page content injection in...
Moderate | Unreviewed | CVE-2021-4383 was published Jun 7, 2023
The FlyingPress plugin for WordPress is vulnerable to authorization bypass due to a missing...
Moderate | Unreviewed | CVE-2022-4948 was published Jun 7, 2023
The WooCommerce Multi Currency plugin for WordPress is vulnerable to Missing Authorization in...
Moderate | Unreviewed | CVE-2021-4376 was published Jun 7, 2023
ProTip! Advisories are also available from the GraphQL API.