GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 5,000+; Erlang 61; GitHub Actions 50; Go 3,821; Maven 5,000+; npm 5,000+; NuGet 939; pip 5,000+; Pub 13; RubyGems 1,059; Rust 1,357; Swift 54
Unreviewed advisories: All unreviewed 5,000+
30,221 advisories

Unrestricted Upload of File with Dangerous Type vulnerability in AmaderCode Lab Dropshipping &...
  Critical | Unreviewed | CVE-2023-31215 was published Dec 20, 2023

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Ultra. This issue...
  Critical | Unreviewed | CVE-2023-46149 was published Dec 20, 2023

Unrestricted Upload of File with Dangerous Type vulnerability in Zendrop Zendrop – Global...
  Critical | Unreviewed | CVE-2023-25970 was published Dec 20, 2023

Online Voting System Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection...
  Critical | Unreviewed | CVE-2023-48433 was published Dec 20, 2023

Unrestricted Upload of File with Dangerous Type vulnerability in Olive Themes Olive One Click...
  Critical | Unreviewed | CVE-2023-29102 was published Dec 20, 2023

Unrestricted Upload of File with Dangerous Type vulnerability in Themely Theme Demo Import. This...
  Critical | Unreviewed | CVE-2023-28170 was published Dec 20, 2023

A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu...
  Critical | Unreviewed | CVE-2023-6906 was published Dec 20, 2023

A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2.4 and classified as...
  Critical | Unreviewed | CVE-2023-6907 was published Dec 20, 2023

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
  Critical | Unreviewed | CVE-2023-49752 was published Dec 20, 2023

Deserialization of Untrusted Data vulnerability in Tim Brattberg BCorp Shortcodes. This issue...
  Critical | Unreviewed | CVE-2023-49773 was published Dec 20, 2023

Deserialization of Untrusted Data vulnerability in Phpbits Creative Studio Genesis Simple Love...
  Critical | Unreviewed | CVE-2023-49772 was published Dec 20, 2023

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
  Critical | Unreviewed | CVE-2023-49776 was published Dec 20, 2023

Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection...
  Critical | Unreviewed | CVE-2023-5011 was published Dec 20, 2023

Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection...
  Critical | Unreviewed | CVE-2023-5007 was published Dec 20, 2023

Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection...
  Critical | Unreviewed | CVE-2023-5010 was published Dec 20, 2023

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
  Critical | Unreviewed | CVE-2023-32590 was published Dec 20, 2023

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
  Critical | Unreviewed | CVE-2023-40010 was published Dec 20, 2023

Authentication bypass vulnerability in Amazing Little Poll affecting versions 1.3 and 1.4. This...
  Critical | Unreviewed | CVE-2023-6768 was published Dec 20, 2023

Buffer Overflow vulnerability in libming version 0.4.8, allows attackers to execute arbitrary...
  Critical | Unreviewed | CVE-2023-50628 was published Dec 20, 2023

Buffer Overflow vulnerability in Cesanta MJS version 2.22.0, allows attackers to execute...
  Critical | Unreviewed | CVE-2023-50044 was published Dec 20, 2023

MLflow Server-Side Request Forgery (SSRF)
  Critical | CVE-2023-6974 was published for mlflow (pip) Dec 20, 2023

MLFlow Path Traversal Vulnerability
  Critical | CVE-2023-6975 was published for mlflow (pip) Dec 20, 2023

Xpand IT Write-back Manager v2.3.1 uses weak secret keys to sign JWT tokens. This allows...
  Critical | Unreviewed | CVE-2023-27172 was published Dec 20, 2023

Through the exploitation of active user sessions, an attacker could send custom requests to...
  Critical | Unreviewed | CVE-2023-50707 was published Dec 20, 2023

EuroTel ETL3100 versions v01c01 and v01x37 suffer from an unauthenticated configuration...
  Critical | Unreviewed | CVE-2023-6930 was published Dec 20, 2023

ProTip! Advisories are also available from the GraphQL API.