GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
61 advisories
Filter by severity
Shopware XXE Vulnerability
Moderate
CVE-2017-18357
was published
for
shopware/shopware
(Composer)
May 14, 2022
The WordPress Infinite Scroll – Ajax Load More plugin for Wordpress is vulnerable to arbitrary...
Moderate
Unreviewed
CVE-2022-2943
was published
Sep 7, 2022
A unintended proxy or intermediary ('confused deputy') in Fortinet FortiWeb version 6.4.1 and...
Moderate
Unreviewed
CVE-2021-36190
was published
Dec 9, 2021
Hisuite module has a External Control of System or Configuration Setting vulnerability.Successful...
Moderate
Unreviewed
CVE-2021-37112
was published
Jan 4, 2022
ingress-nginx component for Kubernetes allows file overwrite
Moderate
CVE-2020-8553
was published
for
k8s.io/ingress-nginx
(Go)
May 24, 2022
Local privilege escalation during recovery due to improper soft link handling. The following...
Moderate
Unreviewed
CVE-2022-46868
was published
Aug 31, 2023
Local privilege escalation due to improper soft link handling. The following products are...
Moderate
Unreviewed
CVE-2023-44209
was published
Oct 4, 2023
in-toto vulnerable to Configuration Read From Local Directory
Moderate
CVE-2023-32076
was published
for
in-toto
(pip)
May 11, 2023
A vulnerability has been found in SourceCodester Student Study Center Desk Management System 1.0...
Moderate
Unreviewed
CVE-2023-2152
was published
Apr 18, 2023
In FillUi of FillUi.java, there is a possible way to view another user's images due to a confused...
Moderate
Unreviewed
CVE-2023-40139
was published
Oct 27, 2023
This external control vulnerability, if exploited, could allow a local OS-authenticated user...
Moderate
Unreviewed
CVE-2023-34982
was published
Nov 15, 2023
A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. It has been...
Moderate
Unreviewed
CVE-2023-6618
was published
Dec 8, 2023
In visitUris of Notification.java, there is a possible way to display images from another user...
Moderate
Unreviewed
CVE-2023-35668
was published
Dec 5, 2023
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image...
Moderate
Unreviewed
CVE-2023-49864
was published
Jan 10, 2024
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image...
Moderate
Unreviewed
CVE-2023-49862
was published
Jan 10, 2024
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image...
Moderate
Unreviewed
CVE-2023-49863
was published
Jan 10, 2024
A vulnerability classified as problematic was found in ForU CMS up to 2020-06-23. Affected by...
Moderate
Unreviewed
CVE-2024-0728
was published
Jan 19, 2024
Micronaut management endpoints vulnerable to drive-by localhost attack
Moderate
CVE-2024-23639
was published
for
io.micronaut:micronaut-http-server
(Maven)
Feb 9, 2024
A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an...
Moderate
Unreviewed
CVE-2023-0003
was published
Feb 8, 2023
When receiving an HTML email that contained an <code>iframe</code> element, which used a <code...
Moderate
Unreviewed
CVE-2022-3032
was published
Dec 22, 2022
CloudLinux
CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to
the sendmail...
Moderate
Unreviewed
CVE-2020-36772
was published
Jan 22, 2024
A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated...
Moderate
Unreviewed
CVE-2023-0008
was published
May 10, 2023
A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated...
Moderate
Unreviewed
CVE-2023-38046
was published
Jul 12, 2023
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with...
Moderate
Unreviewed
CVE-2023-37855
was published
Aug 9, 2023
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with...
Moderate
Unreviewed
CVE-2023-37856
was published
Aug 9, 2023
ProTip!
Advisories are also available from the
GraphQL API