GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
24,098 advisories
A vulnerability classified as critical has been found in SourceCodester Music Gallery Site 1.0....
Critical • Unreviewed • CVE-2023-0938 was published Feb 21, 2023
A vulnerability, which was classified as critical, has been found in SourceCodester Online...
Critical • Unreviewed • CVE-2023-1040 was published Feb 26, 2023
A vulnerability has been found in SourceCodester Best POS Management System 1.0 and classified as...
Critical • Unreviewed • CVE-2023-0946 was published Feb 21, 2023
SQL Injection vulnerability in Projectworlds Online Doctor Appointment Booking System, allows...
Critical • Unreviewed • CVE-2020-29168 was published Feb 17, 2023
A vulnerability, which was classified as critical, was found in SourceCodester Simple Customer...
Critical • Unreviewed • CVE-2023-0917 was published Feb 19, 2023
A vulnerability has been found in codeprojects Pharmacy Management System 1.0 and classified as...
Critical • Unreviewed • CVE-2023-0918 was published Feb 19, 2023
An SQL Injection vulnerability exists in Sourcecodester Mobile Shop System in PHP MySQL 1.0 via...
Critical • Unreviewed • CVE-2020-25905 was published Jan 29, 2022
Signature forgery in Biscuit
Critical • CVE-2022-31053 was published for biscuit-auth (Go) Jun 17, 2022
Withdrawn: CVE Rejected: JXPath vulnerable to remote code execution when interpreting untrusted XPath expressions
Critical • CVE-2022-41852 was published for commons-jxpath:commons-jxpath (Maven) Oct 6, 2022 • withdrawn
LiteDB may deserialize bad JSON on object type using _type
Critical • CVE-2022-23535 was published for LiteDB (NuGet) Feb 24, 2023
Apache Airflow Sqoop Provider Improper Input Validation vulnerability
Critical • CVE-2023-25693 was published for apache-airflow-providers-apache-sqoop (pip) Feb 24, 2023
Apache Airflow Google Provider Improper Input Validation vulnerability
Critical • CVE-2023-25691 was published for apache-airflow-providers-google (pip) Feb 24, 2023
A vulnerability in the Remember Me function of Mura CMS before v10.0.580 allows attackers to...
Critical • Unreviewed • CVE-2022-47003 was published Feb 1, 2023
smalruby and smalruby-editor vulnerable to OS Command Injection
Critical • CVE-2017-2096 was published for smalruby (RubyGems) May 13, 2022
omniauth-weibo-oauth2 included a code-execution backdoor inserted by a third party
Critical • CVE-2019-17268 was published for omniauth-weibo-oauth2 (RubyGems) May 24, 2022
Fluentd Escape Sequence Injection Vulnerability
Critical • CVE-2017-10906 was published for fluentd (RubyGems) May 13, 2022
xfig 3.2.7 is vulnerable to Buffer Overflow.
Critical • Unreviewed • CVE-2021-40241 was published Oct 31, 2022
LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope...
Critical • Unreviewed • CVE-2023-24221 was published Feb 17, 2023
HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are...
Critical • Unreviewed • CVE-2023-25725 was published Feb 14, 2023
LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope...
Critical • Unreviewed • CVE-2023-24220 was published Feb 17, 2023
LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope...
Critical • Unreviewed • CVE-2023-24219 was published Feb 17, 2023
Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function fromAddressNat via...
Critical • Unreviewed • CVE-2023-25234 was published Feb 27, 2023
Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function fromRouteStatic via...
Critical • Unreviewed • CVE-2023-25233 was published Feb 27, 2023
Tenda Router W30E V1.0.1.25(633) is vulnerable to Buffer Overflow in function fromRouteStatic via...
Critical • Unreviewed • CVE-2023-25231 was published Feb 27, 2023
An external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5,...
Critical • Unreviewed • CVE-2022-39952 was published Feb 16, 2023
ProTip! Advisories are also available from the GraphQL API.