GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
27,557 advisories
hutool-core was discovered to contain a stack overflow via NumberUtil.toBigDecimal method
High
CVE-2023-51080
was published
for
cn.hutool:hutool-core
(Maven)
Dec 27, 2023
Maliciously crafted Git server replies can cause DoS on go-git clients
High
CVE-2023-49568
was published
for
github.com/go-git/go-git/v5
(Go)
Dec 27, 2023
Open redirect vulnerability in Flask-Security-Too
Moderate
CVE-2023-49438
was published
for
Flask-Security-Too
(pip)
Dec 27, 2023
Nautobot missing object-level permissions enforcement when running Job Buttons
Low
CVE-2023-51649
was published
for
nautobot
(pip)
Dec 22, 2023
Snowflake Connector .NET does not properly check the Certificate Revocation List (CRL)
Moderate
CVE-2023-51662
was published
for
Snowflake.Data
(NuGet)
Dec 22, 2023
Potential URI resolution path traversal in the AWS SDK for PHP
Moderate
CVE-2023-51651
was published
for
aws/aws-sdk-php
(Composer)
Dec 21, 2023
Authenticated Blind SSRF in automad/automad
Low
CVE-2023-7037
was published
for
automad/automad
(Composer)
Dec 21, 2023
Cross-Site Request Forgery (CSRF) in automad/automad
Moderate
CVE-2023-7038
was published
for
automad/automad
(Composer)
Dec 21, 2023
Withdrawn Advisory: Unrestricted File Upload affecting automad
Moderate
CVE-2023-7036
was published
for
automad/automad
(Composer)
Dec 21, 2023
•
withdrawn
Gradio makes the `/file` secure against file traversal and server-side request forgery attacks
High
CVE-2023-51449
was published
for
gradio
(pip)
Dec 21, 2023
Withdrawn Advisory: Stored Cross-site scripting affecting automad/automad
Low
CVE-2023-7035
was published
for
automad/automad
(Composer)
Dec 21, 2023
•
withdrawn
ProTip!
Advisories are also available from the
GraphQL API