Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,298
Erlang
31
GitHub Actions
21
Go
2,063
Maven
5,000+
npm
3,744
NuGet
668
pip
3,424
Pub
12
RubyGems
892
Rust
876
Swift
36
Unreviewed advisories
All unreviewed
5,000+

129 advisories

Loading
ingress-nginx component for Kubernetes allows file overwrite Moderate
CVE-2020-8553 was published for k8s.io/ingress-nginx (Go) May 24, 2022
Cortex's Alertmanager can expose local files content via specially crafted config Moderate
CVE-2022-23536 was published for github.com/cortexproject/cortex (Go) Dec 19, 2022
aus
A vulnerability was found in Boss Mini 1.4.0 Build 6221. It has been classified as critical. This... High Unreviewed
CVE-2023-3643 was published Jul 12, 2023
External Control of File Name or Path in GitHub repository unilogies/bumsys prior to 2.2.0. High Unreviewed
CVE-2023-2554 was published May 5, 2023
A vulnerability has been found in SourceCodester Student Study Center Desk Management System 1.0... Moderate Unreviewed
CVE-2023-2152 was published Apr 18, 2023
A vulnerability, which was classified as critical, has been found in SourceCodester Resort... Moderate Unreviewed
CVE-2023-4191 was published Aug 7, 2023
An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit... High Unreviewed
CVE-2023-40194 was published Nov 27, 2023
An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit... High Unreviewed
CVE-2023-35985 was published Nov 27, 2023
A code execution vulnerability exists in the Javascript saveAs API of Foxit Reader 12.1.3.15356.... High Unreviewed
CVE-2023-39542 was published Nov 27, 2023
Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple... High Unreviewed
CVE-2023-5247 was published Nov 30, 2023
This external control vulnerability, if exploited, could allow a local OS-authenticated user... Moderate Unreviewed
CVE-2023-34982 was published Nov 15, 2023
External Control of File Name or Path in h2oai/h2o-3 Critical
CVE-2023-6569 was published for h2o (pip) Dec 14, 2023
A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. It has been... Moderate Unreviewed
CVE-2023-6618 was published Dec 8, 2023
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been rated as... Moderate Unreviewed
CVE-2024-0265 was published Jan 7, 2024
A local file inclusion vulnerability exists in the getLanguageFromBrowser functionality of WWBN... Critical Unreviewed
CVE-2023-47862 was published Jan 10, 2024
An information disclosure vulnerability exists in the image404Raw.php functionality of WWBN... High Unreviewed
CVE-2023-49738 was published Jan 10, 2024
An information disclosure vulnerability exists in the aVideoEncoder.json.php chunkFile path... Moderate Unreviewed
CVE-2023-47171 was published Jan 10, 2024
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image... Moderate Unreviewed
CVE-2023-49864 was published Jan 10, 2024
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image... Moderate Unreviewed
CVE-2023-49862 was published Jan 10, 2024
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image... Moderate Unreviewed
CVE-2023-49863 was published Jan 10, 2024
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to... Moderate Unreviewed
CVE-2023-20234 was published Aug 23, 2023
A vulnerability in the file download feature of Cisco Firepower Management Center (FMC) Software... Moderate Unreviewed
CVE-2023-20114 was published Nov 1, 2023
A vulnerability classified as problematic was found in ForU CMS up to 2020-06-23. Affected by... Moderate Unreviewed
CVE-2024-0728 was published Jan 19, 2024
A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an... Moderate Unreviewed
CVE-2023-0003 was published Feb 8, 2023
php-svg-lib lacks path validation on font through SVG inline styles Moderate
CVE-2024-25117 was published for phenx/php-svg-lib (Composer) Feb 21, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database