Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

983 advisories

Loading
Use of implicit intent for sensitive communication vulnerability in... Moderate Unreviewed
CVE-2023-42546 was published Nov 13, 2023
Use of implicit intent for sensitive communication vulnerability in startEmailValidationActivity... Moderate Unreviewed
CVE-2023-42547 was published Nov 13, 2023
Moodle Exposure of Sensitive Information to an Unauthorized Actor vulnerability Moderate
CVE-2023-5545 was published for moodle/moodle (Composer) Nov 9, 2023
Moodle Improper Access Control vulnerability Moderate
CVE-2023-5542 was published for moodle/moodle (Composer) Nov 9, 2023
A flaw was found In 3Scale Admin Portal. If a user logs out from the personal tokens page and... Moderate Unreviewed
CVE-2023-4910 was published Nov 6, 2023
A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session... Low Unreviewed
CVE-2023-4217 was published Nov 2, 2023
A vulnerability was found in insights-client. This security issue occurs because of insecure file... High Unreviewed
CVE-2023-3972 was published Nov 1, 2023
Authenticated clients can read arbitrary files on the MAIN Computer system using the remote... Low Unreviewed
CVE-2023-2622 was published Nov 1, 2023
An issue in Univention UCS v.5.0 allows a local attacker to execute arbitrary code and gain... High Unreviewed
CVE-2023-38994 was published Oct 31, 2023
org.xwiki.platform:xwiki-platform-oldcore may leak data through deleted and re-created documents Moderate
CVE-2023-37911 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Oct 25, 2023
An issue in WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 allows unauthenticated attackers... Critical Unreviewed
CVE-2023-45911 was published Oct 18, 2023
MantisBT may disclose project names to unauthorized users Moderate
CVE-2023-44394 was published for mantisbt/mantisbt (Composer) Oct 17, 2023
Archer Platform 6.x before 6.13 P2 HF2 (6.13.0.2.2) contains a sensitive information disclosure... Moderate Unreviewed
CVE-2023-45357 was published Oct 17, 2023
The WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the... Moderate Unreviewed
CVE-2023-4933 was published Oct 16, 2023
IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to... Moderate Unreviewed
CVE-2023-35013 was published Oct 16, 2023
Apache Airflow vulnerable to privilege escalation Moderate
CVE-2023-42792 was published for apache-airflow (pip) Oct 14, 2023
An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4... Moderate Unreviewed
CVE-2023-32275 was published Oct 12, 2023
Broadcast permission control vulnerability in the Bluetooth module.Successful exploitation of... Moderate Unreviewed
CVE-2023-44102 was published Oct 11, 2023
The Bluetooth module has a vulnerability in permission control for broadcast notifications... High Unreviewed
CVE-2023-44101 was published Oct 11, 2023
Remote Procedure Call Information Disclosure Vulnerability High Unreviewed
CVE-2023-36596 was published Oct 10, 2023
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability Moderate Unreviewed
CVE-2023-36429 was published Oct 10, 2023
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to a source code... Moderate Unreviewed
CVE-2023-30802 was published Oct 10, 2023
The vulnerability is to theft of arbitrary files with system privilege in the Screen recording (... Low Unreviewed
CVE-2023-44124 was published Sep 27, 2023
The vulnerability is to theft of arbitrary files with system privilege in the LockScreenSettings ... High Unreviewed
CVE-2023-44122 was published Sep 27, 2023
Cadence through 0.9.2 2023-08-21 uses an Insecure /tmp/.cadence-aloop-daemon.x Temporary File.... Moderate Unreviewed
CVE-2023-43782 was published Sep 22, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database