GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 40
GitHub Actions: 38
Go: 2,752
Maven: 5,000+
npm: 4,357
NuGet: 765
pip: 4,121
Pub: 12
RubyGems: 961
Rust: 1,069
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
27,769 advisories
Insufficient validation of inputs in SVC_MAP_USER_STACK in the ASP (AMD Secure Processor)...
Critical, Unreviewed. CVE-2021-46756 was published May 9, 2023

Failure to validate the length fields of the ASP (AMD Secure Processor) sensor fusion hub headers...
Critical, Unreviewed. CVE-2021-46753 was published May 9, 2023

Insufficient input validation in the ASP (AMD Secure Processor) bootloader may allow an attacker...
Critical, Unreviewed. CVE-2021-46754 was published May 9, 2023

Insufficient input validation of mailbox data in the SMU may allow an attacker to coerce the SMU...
Critical, Unreviewed. CVE-2021-26379 was published May 9, 2023

Improper Neutralization of Invalid Characters in Data Attribute Names in org.xwiki.commons:xwiki-commons-xml
Critical. CVE-2023-31126 was published for org.xwiki.commons:xwiki-commons-xml (Maven) May 9, 2023

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
Critical, Unreviewed. CVE-2023-24943 was published May 9, 2023

Windows Network File System Remote Code Execution Vulnerability
Critical, Unreviewed. CVE-2023-24941 was published May 9, 2023

XWiki Platform vulnerable to RXSS via editor parameter - importinline template
Critical. CVE-2023-32071 was published for org.xwiki.platform:xwiki-platform-distribution-war (Maven) May 9, 2023

A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The web based...
Critical, Unreviewed. CVE-2023-27407 was published May 9, 2023

SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM...
Critical, Unreviewed. CVE-2023-32113 was published May 9, 2023

This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13...
Critical, Unreviewed. CVE-2023-28201 was published May 8, 2023

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3,...
Critical, Unreviewed. CVE-2023-27958 was published May 8, 2023

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3,...
Critical, Unreviewed. CVE-2023-27953 was published May 8, 2023

This was addressed with additional checks by Gatekeeper on files downloaded from an iCloud shared...
Critical, Unreviewed. CVE-2023-23526 was published May 8, 2023

jsreport vulnerable to code injection
Critical. CVE-2023-2583 was published for jsreport (npm) May 8, 2023

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function...
Critical, Unreviewed. CVE-2023-29696 was published May 8, 2023

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function...
Critical, Unreviewed. CVE-2023-29693 was published May 8, 2023

SourceCodester Online Pizza Ordering System v1.0 is vulnerable to SQL Injection via the QTY...
Critical, Unreviewed. CVE-2023-30092 was published May 8, 2023

The AI ChatBot WordPress plugin before 4.4.7 unserializes user input from cookies via an AJAX...
Critical, Unreviewed. CVE-2023-1650 was published May 8, 2023

SQL Injection vulnerability in victor cms 1.0 allows attackers to execute arbitrary commands via...
Critical, Unreviewed. CVE-2020-23966 was published May 8, 2023

The Bitcoin / AltCoin Payment Gateway for WooCommerce & Multivendor store / shop WordPress plugin...
Critical, Unreviewed. CVE-2022-4118 was published May 8, 2023

Apache Airflow vulnerable to Privilege Context Switching Error
Critical. CVE-2023-25754 was published for apache-airflow (pip) May 8, 2023

Judging Management System v1.0 is vulnerable to SQL Injection via /php-jms/review_se_result.php...
Critical, Unreviewed. CVE-2023-30018 was published May 8, 2023

Metersphere v1.20.20-lts-79d354a6 is vulnerable to Remote Command Execution. The system command...
Critical, Unreviewed. CVE-2023-29944 was published May 8, 2023

CRMEB v4.4 to v4.6 was discovered to contain an arbitrary file upload vulnerability via the...
Critical, Unreviewed. CVE-2023-30185 was published May 8, 2023

ProTip! Advisories are also available from the GraphQL API