GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
11 advisories
Kiwi TCMS Stored Cross-site Scripting via SVG file
High
CVE-2023-27489
was published
for
kiwitcms
(pip)
Mar 30, 2023
Buffer overflow in `CONV_3D_TRANSPOSE` on TFLite
High
CVE-2022-41894
was published
for
tensorflow
(pip)
Nov 21, 2022
Lin CMS vulnerable to Improper Authentication
Moderate
CVE-2022-44244
was published
for
Lin-CMS
(Maven)
Nov 10, 2022
Exposure of Sensitive Information to an Unauthorized Actor in MongoDB Rust Driver
Moderate
CVE-2021-20332
was published
for
mongodb
(Rust)
May 24, 2022
Open Chinese Convert subject to Denial of Service via Out-of-bounds Read
Moderate
CVE-2018-16982
was published
for
OpenCC
(npm)
May 14, 2022
Features file injection vulnerability
Moderate
CVE-2013-4318
was published
for
features
(RubyGems)
May 5, 2022
Exposure of Sensitive Information to an Unauthorized Actor and Insertion of Sensitive Information Into Sent Data in Calico
Moderate
CVE-2020-13597
was published
for
github.com/projectcalico/calico
(Go)
Feb 15, 2022
Deserialization of Untrusted Data in rust-cpuid
Critical
CVE-2021-45687
was published
for
raw-cpuid
(Rust)
Jan 6, 2022
Inefficient Regular Expression Complexity in taro
High
CVE-2021-3804
was published
for
@tarojs/helper
(npm)
Sep 20, 2021
Insecure template handling in express-hbs
Moderate
CVE-2021-32817
was published
for
express-hbs
(npm)
May 17, 2021
ProTip!
Advisories are also available from the
GraphQL API