GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,274
Erlang: 31
GitHub Actions: 21
Go: 2,056
Maven: 5,000+
npm: 3,740
NuGet: 668
pip: 3,419
Pub: 12
RubyGems: 891
Rust: 872
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
907 advisories
A vulnerability has been found in Magic-Api up to 2.0.1 and classified as critical. Affected by...
Moderate | Unreviewed | CVE-2024-0196 was published Jan 3, 2024
A vulnerability, which was classified as critical, was found in spider-flow 0.4.3. Affected is...
Moderate | Unreviewed | CVE-2024-0195 was published Jan 2, 2024
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (...
Moderate | Unreviewed | CVE-2023-31296 was published Dec 29, 2023
ShifuML shifu code injection vulnerability
Moderate | CVE-2023-7148 was published for ml.shifu:shifu (Maven) | Dec 29, 2023
A vulnerability classified as problematic was found in rmountjoy92 DashMachine 0.5-4. Affected by...
Moderate | Unreviewed | CVE-2023-6899 was published Dec 17, 2023
A vulnerability was found in kalcaddle KodExplorer up to 4.51.03. It has been rated as critical....
Moderate | Unreviewed | CVE-2023-6851 was published Dec 16, 2023
An issue has been discovered in GitLab CE/EE affecting all versions from 16.3 before 16.4.4, all...
Moderate | Unreviewed | CVE-2023-5512 was published Dec 15, 2023
An issue has been discovered in GitLab CE/EE affecting all versions before 16.4.4, all versions...
Moderate | Unreviewed | CVE-2023-6051 was published Dec 15, 2023
Named path parameters can be overridden in TrieRouter
Moderate | CVE-2023-50710 was published for hono (npm) | Dec 15, 2023
An issue in DARTS SHOP MAXIM mini-app on Line v13.6.1 allows attackers to send crafted malicious...
Moderate | Unreviewed | CVE-2023-43301 was published Dec 7, 2023
An issue has been discovered in GitLab affecting all versions before 16.4.3, all versions...
Moderate | Unreviewed | CVE-2023-5226 was published Dec 1, 2023
October CMS safe mode bypass using Page template injection
Moderate | CVE-2023-44381 was published for october/system (Composer) | Nov 29, 2023
It was discovered that a user with Fleet admin permissions could upload a malicious package. Due...
Moderate | Unreviewed | CVE-2021-22150 was published Nov 22, 2023
A vulnerability was found in GetSimpleCMS 3.3.16/3.4.0a. It has been rated as critical. This...
Moderate | Unreviewed | CVE-2023-6188 was published Nov 17, 2023
Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.
Moderate | Unreviewed | CVE-2023-6126 was published Nov 14, 2023
Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.
Moderate | Unreviewed | CVE-2023-6125 was published Nov 14, 2023
Moodle Code Injection vulnerability
Moderate | CVE-2023-5550 was published for moodle/moodle (Composer) | Nov 9, 2023
Moodle Code Injection vulnerability
Moderate | CVE-2023-5539 was published for moodle/moodle (Composer) | Nov 9, 2023
baserCMS Code Injection Vulnerability in Mail Form Feature
Moderate | CVE-2023-43792 was published for baserproject/basercms (Composer) | Oct 26, 2023
Jumpserver Koko vulnerable to remote code execution on the host system via MongoDB shell
Moderate | CVE-2023-43651 was published for github.com/jumpserver/koko (Go) | Oct 24, 2023
A vulnerability classified as critical has been found in ForU CMS. This affects an unknown part...
Moderate | Unreviewed | CVE-2023-5221 was published Sep 27, 2023
The Allow PHP in Posts and Pages plugin for WordPress is vulnerable to Remote Code Execution in...
Moderate | Unreviewed | CVE-2023-4994 was published Sep 16, 2023
LibreNMS Code Injection vulnerability
Moderate | CVE-2023-4977 was published for librenms/librenms (Composer) | Sep 15, 2023
SAP PowerDesigner Client - version 16.7, allows an unauthenticated attacker to inject VBScript...
Moderate | Unreviewed | CVE-2023-40621 was published Sep 13, 2023
Electron vulnerable to out-of-package code execution when launched with arbitrary cwd
Moderate | CVE-2023-39956 was published for electron (npm) | Sep 6, 2023
ProTip! Advisories are also available from the GraphQL API.