GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,135
Composer 4,081
Erlang 29
GitHub Actions 19
Go 1,909
Maven 5,106
npm 3,642
NuGet 638
pip 3,258
Pub 10
RubyGems 869
Rust 820
Swift 35

Unreviewed advisories

All unreviewed 229,009

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

429 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability has been identified in SICAM PAS/PQS (All versions >= V8.00 < V8.22). The... Moderate Unreviewed

CVE-2023-38640 was published Oct 10, 2023

An issue was discovered in the PageTriage extension for MediaWiki before 1.35.12, 1.36.x through... Moderate Unreviewed

CVE-2023-45369 was published Oct 9, 2023

An issue was discovered in includes/page/Article.php in MediaWiki 1.36.x through 1.39.x before 1... Moderate Unreviewed

CVE-2023-45364 was published Oct 9, 2023

Broadcast permission control vulnerability in the framework module. Successful exploitation of... Moderate Unreviewed

CVE-2023-4565 was published Sep 27, 2023

Vulnerability of improper permission management in the displayengine module. Successful... Moderate Unreviewed

CVE-2023-41295 was published Sep 25, 2023

A vulnerability has been identified in Node.js version 20, affecting users of the experimental... Moderate Unreviewed

CVE-2023-32005 was published Sep 20, 2023

An incorrect permission check in Qualys Container Scanning Connector Plugin 1.6.2.6 and earlier... Moderate Unreviewed

CVE-2023-4777 was published Sep 8, 2023

Insecure Inherited Permissions vulnerability in Schweitzer Engineering Laboratories SEL-5033... Moderate Unreviewed

CVE-2023-34391 was published Aug 31, 2023

A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6... Moderate Unreviewed

CVE-2023-4228 was published Aug 24, 2023

A vulnerability in the restricted security domain implementation of Cisco Application Policy... Moderate Unreviewed

CVE-2023-20230 was published Aug 23, 2023

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to... Moderate Unreviewed

CVE-2023-20234 was published Aug 23, 2023

A vulnerability in the Simple Network Management Protocol (SNMP) service of Cisco FXOS Software... Moderate Unreviewed

CVE-2023-20200 was published Aug 23, 2023

An issue in the delete function in the ActModelController class of jeesite v1.2.6 allows... Moderate Unreviewed

CVE-2023-38991 was published Aug 4, 2023

No access control for the OTP key on OTP entries in Devolutions Remote Desktop Manager... Moderate Unreviewed

CVE-2023-1939 was published Jul 6, 2023

Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL... Moderate Unreviewed

CVE-2023-35800 was published Jun 27, 2023

Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An... Moderate Unreviewed

CVE-2023-35799 was published Jun 27, 2023

Broken access control in the Registration page (/Registration.aspx) of Termenos CWX v8.5.6 allows... Moderate Unreviewed

CVE-2023-34797 was published Jun 15, 2023

Arbitrary file read vulnerability in Jenkins AWS CodeCommit Trigger Plugin Moderate

CVE-2023-35147 was published for org.jenkins-ci.plugins:aws-codecommit-trigger (Maven) Jun 14, 2023

A vulnerability has been identified in POWER METER SICAM Q200 family (All versions < V2.70).... Moderate Unreviewed

CVE-2023-31238 was published Jun 13, 2023

Sensitive Cookie Without 'HttpOnly' Flag vulnerability in ABB REX640 PCL1 (firmware modules), ABB... Moderate Unreviewed

CVE-2023-2876 was published Jun 13, 2023

An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x... Moderate Unreviewed

CVE-2022-41766 was published May 29, 2023

Jenkins Azure VM Agents Plugin missing permission checks Moderate

CVE-2023-32990 was published for org.jenkins-ci.plugins:azure-vm-agents (Maven) May 16, 2023

Jenkins Email Extension Plugin missing permission check Moderate

CVE-2023-32979 was published for org.jenkins-ci.plugins:email-ext (Maven) May 16, 2023

Jenkins Tag Profiler Plugin missing permission check Moderate

CVE-2023-33004 was published for org.jenkins-ci.plugins:tag-profiler (Maven) May 16, 2023

Planet's secret file is created with excessive permissions Moderate

CVE-2023-32303 was published for planet (pip) May 12, 2023

Previous 1 2 3 4 5 … 17 18 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

429 advisories