GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
27,769 advisories
Wings vulnerable to escape to host from installation container
Critical
CVE-2023-32080
was published
for
github.com/pterodactyl/wings
(Go)
May 11, 2023
Not all valid JavaScript whitespace characters are considered to be whitespace. Templates...
Critical
Unreviewed
CVE-2023-24540
was published
May 11, 2023
PHPOK v6.3 was discovered to contain a remote code execution (RCE) vulnerability.
Critical
Unreviewed
CVE-2022-47129
was published
May 11, 2023
Medical Systems Co. Medisys Weblab Products v19.4.03 was discovered to contain a SQL injection...
Critical
Unreviewed
CVE-2023-29863
was published
May 11, 2023
Buffer overflow in IPP number-up attribute process of Office / Small Office Multifunction...
Critical
Unreviewed
CVE-2023-0855
was published
May 11, 2023
Buffer overflow in IPP sides attribute process of Office / Small Office Multifunction Printers...
Critical
Unreviewed
CVE-2023-0856
was published
May 11, 2023
Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office...
Critical
Unreviewed
CVE-2023-0854
was published
May 11, 2023
Buffer overflow in CPCA Resource Download process of Office / Small Office Multifunction Printers...
Critical
Unreviewed
CVE-2023-0851
was published
May 11, 2023
Buffer overflow in the Address Book of Mobile Device function of Office / Small Office...
Critical
Unreviewed
CVE-2023-0852
was published
May 11, 2023
Buffer overflow in mDNS NSEC record registering process of Office / Small Office Multifunction...
Critical
Unreviewed
CVE-2023-0853
was published
May 11, 2023
An issue was discovered on GL.iNet devices before 3.216. The function guci2_get() found in...
Critical
Unreviewed
CVE-2023-31475
was published
May 11, 2023
A privilege escalation issue was found in PHP Gurukul Hospital Management System In v.4.0 allows...
Critical
Unreviewed
CVE-2023-31498
was published
May 11, 2023
A vulnerability, which was classified as critical, was found in USR USR-G806 1.0.41. Affected is...
Critical
Unreviewed
CVE-2023-2645
was published
May 11, 2023
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
Critical
Unreviewed
CVE-2022-29842
was published
May 10, 2023
Prestashop posstaticfooter <= 1.0.0 is vulnerable to SQL Injection via posstaticfooter:...
Critical
Unreviewed
CVE-2023-30194
was published
May 10, 2023
HHVM 4.172.0 and all prior versions use TLS 1.0 for secure connections when handling tls:// URLs...
Critical
Unreviewed
CVE-2022-36937
was published
May 10, 2023
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard...
Critical
Unreviewed
CVE-2023-30352
was published
May 10, 2023
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code...
Critical
Unreviewed
CVE-2023-30353
was published
May 10, 2023
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical...
Critical
Unreviewed
CVE-2023-30354
was published
May 10, 2023
An issue was discovered on GL.iNet devices before 3.216. Through the software installation...
Critical
Unreviewed
CVE-2023-31471
was published
May 10, 2023
An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x...
Critical
Unreviewed
CVE-2023-32569
was published
May 10, 2023
A security vulnerability has been discovered in the implementation of 2FA on the rocket.chat...
Critical
Unreviewed
CVE-2023-28316
was published
May 10, 2023
Insufficient input validation in the SMU may allow an attacker to corrupt SMU SRAM potentially...
Critical
Unreviewed
CVE-2021-46762
was published
May 9, 2023
A malicious or compromised UApp or ABL can send a malformed system call to the bootloader, which...
Critical
Unreviewed
CVE-2021-46760
was published
May 9, 2023
Improper access control settings in ASP Bootloader may allow an attacker to corrupt the return...
Critical
Unreviewed
CVE-2023-20520
was published
May 9, 2023
ProTip! Advisories are also available from the GraphQL API.