Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,004
Maven
5,000+
npm
5,000+
NuGet
974
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,395
Swift
61
Unreviewed advisories
All unreviewed
5,000+

14,887 advisories

Loading
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Low Unreviewed
CVE-2023-41813 was published Dec 29, 2023
Mattermost Cross-site Scripting vulnerability Low
CVE-2023-7113 was published for github.com/mattermost/mattermost/server/v8 (Go) Dec 29, 2023
A vulnerability was found in Novel-Plus up to 4.2.0. It has been declared as problematic.... Low Unreviewed
CVE-2023-7171 was published Dec 29, 2023
Gallery3d on Tecno Camon X CA7 devices allows attackers to view hidden images by navigating to... Low Unreviewed
CVE-2023-52275 was published Dec 31, 2023
A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been declared as... Low Unreviewed
CVE-2024-0181 was published Jan 1, 2024
A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been declared as... Low Unreviewed
CVE-2024-0184 was published Jan 2, 2024
A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been classified... Low Unreviewed
CVE-2024-0183 was published Jan 2, 2024
A vulnerability classified as problematic has been found in HuiRan Host Reseller System up to 2.0... Low Unreviewed
CVE-2024-0186 was published Jan 2, 2024
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause DOS through occupy all... Low Unreviewed
CVE-2023-47216 was published Jan 2, 2024
Mattermost allows demoted guests to change group names Low
CVE-2023-50333 was published for github.com/mattermost/mattermost/server/v8 (Go) Jan 2, 2024
Winter CMS Local File Inclusion through Server Side Template Injection Low
CVE-2023-52085 was published for winter/wn-backend-module (Composer) Jan 2, 2024
Sanineng Credited to Sanineng
A vulnerability has been found in Zimbra zm-ajax up to 8.8.1 and classified as problematic.... Low Unreviewed
CVE-2017-20188 was published Jan 2, 2024
A vulnerability, which was classified as problematic, was found in RRJ Nueva Ecija Engineer... Low Unreviewed
CVE-2024-0188 was published Jan 2, 2024
Gila CMS SQL Injection vulnerability Low
CVE-2020-26624 was published for gilacms/gila (Composer) Jan 3, 2024
Gila CMS SQL Injection vulnerability Low
CVE-2020-26625 was published for gilacms/gila (Composer) Jan 3, 2024
HCL DRYiCE MyXalytics is impacted by an Open Redirect vulnerability which could allow an attacker... Low Unreviewed
CVE-2023-50345 was published Jan 3, 2024
HCL DRYiCE MyXalytics is impacted by an information disclosure vulnerability. Certain endpoints... Low Unreviewed
CVE-2023-50346 was published Jan 3, 2024
HCL DRYiCE MyXalytics is impacted by an improper error handling vulnerability. The application... Low Unreviewed
CVE-2023-50348 was published Jan 3, 2024
A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit... Low Unreviewed
CVE-2023-6004 was published Jan 3, 2024
A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup... Low Unreviewed
CVE-2024-0217 was published Jan 3, 2024
The DES/3DES cipher was used as part of the TLS protocol by installation tools Low
GHSA-7xg2-83f8-39mr was published for github.com/karmada-io/karmada (Go) Jan 3, 2024
zhzhuang-zju Credited to zhzhuang-zju and yanfeng1992 yanfeng1992 yanfeng1992
Implicit intent hijacking vulnerability in Samsung Email prior to version 6.1.90.16 allows... Low Unreviewed
CVE-2024-20807 was published Jan 4, 2024
Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in... Low Unreviewed
CVE-2024-20805 was published Jan 4, 2024
Duplicate Advisory: Race Condition leading to logging errors Low
GHSA-v444-jggx-6v7f was published for audited (RubyGems) Jan 4, 2024 withdrawn
Duplicate Advisory: Malicious URL drafting attack against iodines static file server may allow path traversal Low
GHSA-qwf7-rv77-fcr3 was published for iodine (RubyGems) Jan 4, 2024 withdrawn
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database