GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
25,328 advisories
phpMyFAQ Code Injection vulnerability
Moderate
CVE-2023-1761
was published
for
thorsten/phpmyfaq
(Composer)
Mar 31, 2023
unpoly-rails Denial of Service vulnerability
Moderate
CVE-2023-28846
was published
for
unpoly-rails
(RubyGems)
Mar 30, 2023
mindsdb arbitrary file write when extracting a remotely retrieved Tarball
High
CVE-2023-30620
was published
for
mindsdb
(pip)
Mar 30, 2023
runc AppArmor bypass with symlinked /proc
Moderate
CVE-2023-28642
was published
for
github.com/opencontainers/runc
(Go)
Mar 30, 2023
Kiwi TCMS Stored Cross-site Scripting via SVG file
High
CVE-2023-27489
was published
for
kiwitcms
(pip)
Mar 30, 2023
rootless: `/sys/fs/cgroup` is writable when cgroupns isn't unshared in runc
Low
CVE-2023-25809
was published
for
github.com/opencontainers/runc
(Go)
Mar 30, 2023
Arbitrary file write in mindsdb when Extracting Tarballs retrieved from a remote location
Moderate
CVE-2022-23522
was published
for
mindsdb
(pip)
Mar 30, 2023
HashiCorp Vault’s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File
Moderate
CVE-2023-0620
was published
for
github.com/hashicorp/vault
(Go)
Mar 30, 2023
smarty Cross-site Scripting vulnerability in Javascript escaping
High
CVE-2023-28447
was published
for
smarty/smarty
(Composer)
Mar 29, 2023
ProTip!
Advisories are also available from the
GraphQL API