Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,065
Maven
5,000+
npm
3,744
NuGet
668
pip
3,427
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+

11,292 advisories

Loading
A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been declared as... Low Unreviewed
CVE-2024-0184 was published Jan 2, 2024
A vulnerability classified as problematic has been found in HuiRan Host Reseller System up to 2.0... Low Unreviewed
CVE-2024-0186 was published Jan 2, 2024
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause DOS through occupy all... Low Unreviewed
CVE-2023-47216 was published Jan 2, 2024
Mattermost allows demoted guests to change group names Low
CVE-2023-50333 was published for github.com/mattermost/mattermost/server/v8 (Go) Jan 2, 2024
Winter CMS Local File Inclusion through Server Side Template Injection Low
CVE-2023-52085 was published for winter/wn-backend-module (Composer) Jan 2, 2024
Sanineng
A vulnerability has been found in Zimbra zm-ajax up to 8.8.1 and classified as problematic.... Low Unreviewed
CVE-2017-20188 was published Jan 2, 2024
A vulnerability, which was classified as problematic, was found in RRJ Nueva Ecija Engineer... Low Unreviewed
CVE-2024-0188 was published Jan 2, 2024
Gila CMS SQL Injection vulnerability Low
CVE-2020-26624 was published for gilacms/gila (Composer) Jan 3, 2024
Gila CMS SQL Injection vulnerability Low
CVE-2020-26625 was published for gilacms/gila (Composer) Jan 3, 2024
HCL DRYiCE MyXalytics is impacted by an improper error handling vulnerability. The application... Low Unreviewed
CVE-2023-50348 was published Jan 3, 2024
HCL DRYiCE MyXalytics is impacted by an information disclosure vulnerability. Certain endpoints... Low Unreviewed
CVE-2023-50346 was published Jan 3, 2024
HCL DRYiCE MyXalytics is impacted by an Open Redirect vulnerability which could allow an attacker... Low Unreviewed
CVE-2023-50345 was published Jan 3, 2024
A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit... Low Unreviewed
CVE-2023-6004 was published Jan 3, 2024
A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup... Low Unreviewed
CVE-2024-0217 was published Jan 3, 2024
The DES/3DES cipher was used as part of the TLS protocol by installation tools Low
GHSA-7xg2-83f8-39mr was published for github.com/karmada-io/karmada (Go) Jan 3, 2024
zhzhuang-zju yanfeng1992
Implicit intent hijacking vulnerability in Samsung Email prior to version 6.1.90.16 allows... Low Unreviewed
CVE-2024-20807 was published Jan 4, 2024
Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in... Low Unreviewed
CVE-2024-20805 was published Jan 4, 2024
Duplicate Advisory: Race Condition leading to logging errors Low
GHSA-v444-jggx-6v7f was published for audited (RubyGems) Jan 4, 2024 withdrawn
Duplicate Advisory: govuk_tech_docs vulnerable to unescaped HTML on search results page Low
GHSA-4mvm-xh8j-fv27 was published for govuk_tech_docs (RubyGems) Jan 4, 2024 withdrawn
Duplicate Advisory: Malicious URL drafting attack against iodines static file server may allow path traversal Low
GHSA-qwf7-rv77-fcr3 was published for iodine (RubyGems) Jan 4, 2024 withdrawn
There is a DLL hijacking vulnerability in ZTE ZXCLOUD iRAI, an attacker could place a fake DLL... Low Unreviewed
CVE-2023-41782 was published Jan 5, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several... Low Unreviewed
CVE-2023-45041 was published Jan 5, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several... Low Unreviewed
CVE-2023-45039 was published Jan 5, 2024
Arm provides multiple helpers to clean & invalidate the cache for a given region. This is, for... Low Unreviewed
CVE-2023-34321 was published Jan 5, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several... Low Unreviewed
CVE-2023-45042 was published Jan 5, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database