Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

61 advisories

Loading
Shopware XXE Vulnerability Moderate
CVE-2017-18357 was published for shopware/shopware (Composer) May 14, 2022
The WordPress Infinite Scroll – Ajax Load More plugin for Wordpress is vulnerable to arbitrary... Moderate Unreviewed
CVE-2022-2943 was published Sep 7, 2022
A unintended proxy or intermediary ('confused deputy') in Fortinet FortiWeb version 6.4.1 and... Moderate Unreviewed
CVE-2021-36190 was published Dec 9, 2021
Hisuite module has a External Control of System or Configuration Setting vulnerability.Successful... Moderate Unreviewed
CVE-2021-37112 was published Jan 4, 2022
ingress-nginx component for Kubernetes allows file overwrite Moderate
CVE-2020-8553 was published for k8s.io/ingress-nginx (Go) May 24, 2022
Local privilege escalation during recovery due to improper soft link handling. The following... Moderate Unreviewed
CVE-2022-46868 was published Aug 31, 2023
Local privilege escalation due to improper soft link handling. The following products are... Moderate Unreviewed
CVE-2023-44209 was published Oct 4, 2023
in-toto vulnerable to Configuration Read From Local Directory Moderate
CVE-2023-32076 was published for in-toto (pip) May 11, 2023
A vulnerability has been found in SourceCodester Student Study Center Desk Management System 1.0... Moderate Unreviewed
CVE-2023-2152 was published Apr 18, 2023
In FillUi of FillUi.java, there is a possible way to view another user's images due to a confused... Moderate Unreviewed
CVE-2023-40139 was published Oct 27, 2023
This external control vulnerability, if exploited, could allow a local OS-authenticated user... Moderate Unreviewed
CVE-2023-34982 was published Nov 15, 2023
A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. It has been... Moderate Unreviewed
CVE-2023-6618 was published Dec 8, 2023
In visitUris of Notification.java, there is a possible way to display images from another user... Moderate Unreviewed
CVE-2023-35668 was published Dec 5, 2023
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image... Moderate Unreviewed
CVE-2023-49864 was published Jan 10, 2024
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image... Moderate Unreviewed
CVE-2023-49862 was published Jan 10, 2024
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image... Moderate Unreviewed
CVE-2023-49863 was published Jan 10, 2024
A vulnerability classified as problematic was found in ForU CMS up to 2020-06-23. Affected by... Moderate Unreviewed
CVE-2024-0728 was published Jan 19, 2024
Micronaut management endpoints vulnerable to drive-by localhost attack Moderate
CVE-2024-23639 was published for io.micronaut:micronaut-http-server (Maven) Feb 9, 2024
A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an... Moderate Unreviewed
CVE-2023-0003 was published Feb 8, 2023
When receiving an HTML email that contained an <code>iframe</code> element, which used a <code... Moderate Unreviewed
CVE-2022-3032 was published Dec 22, 2022
CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to the sendmail... Moderate Unreviewed
CVE-2020-36772 was published Jan 22, 2024
A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated... Moderate Unreviewed
CVE-2023-0008 was published May 10, 2023
A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated... Moderate Unreviewed
CVE-2023-38046 was published Jul 12, 2023
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with... Moderate Unreviewed
CVE-2023-37855 was published Aug 9, 2023
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with... Moderate Unreviewed
CVE-2023-37856 was published Aug 9, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database