Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

331 advisories

Loading
The Statutory Reporting application has a vulnerable file storage location, potentially enabling... Moderate Unreviewed
CVE-2023-42475 was published Oct 10, 2023
SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details... Moderate Unreviewed
CVE-2023-41365 was published Oct 10, 2023
A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an... Moderate Unreviewed
CVE-2023-0833 was published Sep 27, 2023
Credential disclosure in the '/webs/userpasswd.htm' endpoint in Juplink RX4-1500 Wifi router... High Unreviewed
CVE-2023-41027 was published Sep 22, 2023
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected... Moderate Unreviewed
CVE-2023-40725 was published Sep 14, 2023
Due to the lack of validation, SAP BusinessObjects Business Intelligence Platform (Version... Moderate Unreviewed
CVE-2023-37489 was published Sep 14, 2023
Apache Superset may expose internal traces on REST API endpoints Moderate
CVE-2023-39264 was published for apache-superset (pip) Sep 6, 2023
An information disclosure vulnerability exists in the OAS Engine configuration management... Moderate Unreviewed
CVE-2023-35124 was published Sep 5, 2023
IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain... High Unreviewed
CVE-2023-33835 was published Aug 31, 2023
IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2023-33834 was published Aug 31, 2023
User enumeration is found in PHPJabbers Document Creator v1.0. This issue occurs during password... Critical Unreviewed
CVE-2023-40758 was published Aug 28, 2023
User enumeration is found in PHPJabbers Yacht Listing Script v2.0. This issue occurs during... Critical Unreviewed
CVE-2023-40761 was published Aug 28, 2023
User enumeration is found in in PHPJabbers Make an Offer Widget v1.0. This issue occurs during... Critical Unreviewed
CVE-2023-40767 was published Aug 28, 2023
User enumeration is found in PHP Jabbers Restaurant Booking Script v3.0. This issue occurs during... Critical Unreviewed
CVE-2023-40759 was published Aug 28, 2023
User enumeration is found in PHPJabbers Fundraising Script v1.0. This issue occurs during... Critical Unreviewed
CVE-2023-40762 was published Aug 28, 2023
User enumeration is found in PHP Jabbers Car Rental Script v3.0. This issue occurs during... Critical Unreviewed
CVE-2023-40764 was published Aug 28, 2023
User enumeration is found in PHPJabbers Taxi Booking Script v2.0. This issue occurs during... Critical Unreviewed
CVE-2023-40763 was published Aug 28, 2023
User enumeration is found in PHP Jabbers Hotel Booking System v4.0. This issue occurs during... Critical Unreviewed
CVE-2023-40760 was published Aug 28, 2023
User enumeration is found in in PHPJabbers Ticket Support Script v3.2. This issue occurs during... Critical Unreviewed
CVE-2023-40766 was published Aug 28, 2023
User enumeration is found in PHPJabbers Food Delivery Script v3.1. This issue occurs during... Critical Unreviewed
CVE-2023-40757 was published Aug 28, 2023
User enumeration is found in PHPJabbers Event Booking Calendar v4.0. This issue occurs during... Critical Unreviewed
CVE-2023-40765 was published Aug 28, 2023
IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) could allow... Moderate Unreviewed
CVE-2023-26272 was published Aug 28, 2023
e-Excellence U-Office Force generates an error message in webiste service. An unauthenticated... Moderate Unreviewed
CVE-2023-32755 was published Aug 25, 2023
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a remote attacker to obtain system... Moderate Unreviewed
CVE-2023-35009 was published Aug 17, 2023
Jenkins Folders Plugin information disclosure vulnerability Moderate
CVE-2023-40338 was published for org.jenkins-ci.plugins:cloudbees-folder (Maven) Aug 16, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database