GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
1,664 advisories
Filter by severity
Allocation of Resources Without Limits in Keycloak
High
CVE-2023-6563
was published
for
org.keycloak:keycloak-model-jpa
(Maven)
Dec 14, 2023
Arbitrary file deletion vulnerability in Jenkins Scriptler Plugin
High
CVE-2023-50764
was published
for
org.jenkins-ci.plugins:scriptler
(Maven)
Dec 13, 2023
Jenkins Nexus Platform Plugin Cross-Site Request Forgery vulnerability
High
CVE-2023-50766
was published
for
org.sonatype.nexus.ci:nexus-jenkins-plugin
(Maven)
Dec 13, 2023
Jenkins Nexus Platform Plugin missing permission check
High
CVE-2023-50767
was published
for
org.sonatype.nexus.ci:nexus-jenkins-plugin
(Maven)
Dec 13, 2023
Cross-site request forgery vulnerability in Jenkins HTMLResource Plugin
High
CVE-2023-50774
was published
for
org.jenkins-ci.plugins:htmlresource
(Maven)
Dec 13, 2023
Cross Site Request Forgery in Silverpeas
High
CVE-2023-47322
was published
for
org.silverpeas.core:silverpeas-core-web
(Maven)
Dec 13, 2023
Missing access control in Silverpeas
High
CVE-2023-47323
was published
for
org.silverpeas.core:silverpeas-core-api
(Maven)
Dec 13, 2023
Cross Site Request Forgery in Silverpeas
High
CVE-2023-47326
was published
for
org.silverpeas.core:silverpeas-core
(Maven)
Dec 13, 2023
Directory Traversal in JFinalCMS
High
CVE-2023-50449
was published
for
com.jfinal:jfinal
(Maven)
Dec 10, 2023
Authorization bypass in Quarkus
High
CVE-2023-6394
was published
for
io.quarkus:quarkus-smallrye-graphql-client
(Maven)
Dec 9, 2023
Data leak of password hash through change requests
High
CVE-2023-49280
was published
for
org.xwiki.contrib.changerequest:application-changerequest-default
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/div/delete
High
CVE-2023-49382
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/tag/save
High
CVE-2023-49383
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/div/update
High
CVE-2023-49381
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/nav/update
High
CVE-2023-49447
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/category/delete
High
CVE-2023-49398
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/category/save
High
CVE-2023-49396
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/category/updateStatus
High
CVE-2023-49397
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via admin/nav/delete
High
CVE-2023-49448
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/nav/save
High
CVE-2023-49446
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/category/update
High
CVE-2023-49395
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS
High
CVE-2023-49373
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via the component /admin/friend_link/save
High
CVE-2023-49379
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/slide/update
High
CVE-2023-49374
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS
High
CVE-2023-49376
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
ProTip!
Advisories are also available from the
GraphQL API