GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,269
Composer 3,945
Erlang 29
GitHub Actions 16
Go 1,731
Maven 4,961
npm 3,493
NuGet 607
pip 3,059
Pub 10
RubyGems 832
Rust 778
Swift 34

Unreviewed advisories

All unreviewed 219,694

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

18,727 advisories

Filter by severity

Sort by

Least recently updated

CWE-787: Out-of-bounds Write vulnerability exists that could result in an authentication bypass... Critical Unreviewed

CVE-2024-37036 was published Jun 12, 2024

A path traversal vulnerability in mintplex-labs/anything-llm allowed a manager to bypass the ... Critical Unreviewed

CVE-2024-5211 was published Jun 12, 2024

The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to... Critical Unreviewed

CVE-2024-4898 was published Jun 12, 2024

An improper input validation vulnerability in the SGI Image Codec of QNX SDP version(s) 6.6, 7.0,... Critical Unreviewed

CVE-2024-35213 was published Jun 11, 2024

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Critical Unreviewed

CVE-2024-30080 was published Jun 11, 2024

vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway that if exploited an attacker... Critical Unreviewed

CVE-2024-2012 was published Jun 11, 2024

An authentication bypass vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway... Critical Unreviewed

CVE-2024-2013 was published Jun 11, 2024

A vulnerability has been identified in PowerSys (All versions < V3.11). The affected application... Critical Unreviewed

CVE-2024-36266 was published Jun 11, 2024

The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to SQL... Critical Unreviewed

CVE-2024-3549 was published Jun 11, 2024

Hard-coded JWT secret allows authentication bypass in Veeam Recovery Orchestrator Critical Unreviewed

CVE-2024-29855 was published Jun 11, 2024

Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Arbitrary file deletion... Critical Unreviewed

CVE-2024-32167 was published Jun 10, 2024

GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1... Critical Unreviewed

CVE-2024-37051 was published Jun 10, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Asghar Hatampoor BuddyPress... Critical Unreviewed

CVE-2024-35746 was published Jun 10, 2024

SeaCMS 12.9 has a file deletion vulnerability via admin_template.php. Critical Unreviewed

CVE-2024-31611 was published Jun 10, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed

CVE-2024-35677 was published Jun 10, 2024

Vulnerability discovered by executing a planned security audit. Improper Limitation of a... Critical Unreviewed

CVE-2024-34762 was published Jun 10, 2024

Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive... Critical Unreviewed

CVE-2024-3699 was published Jun 10, 2024

Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive... Critical Unreviewed

CVE-2024-1228 was published Jun 10, 2024

Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive... Critical Unreviewed

CVE-2024-3700 was published Jun 10, 2024

In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache... Critical Unreviewed

CVE-2024-4577 was published Jun 9, 2024

Missing Authorization vulnerability in UkrSolution Barcode Scanner with Inventory & Order Manager... Critical Unreviewed

CVE-2024-33565 was published Jun 9, 2024

Missing Authorization vulnerability in Bricksforge.This issue affects Bricksforge: from n/a... Critical Unreviewed

CVE-2024-31244 was published Jun 9, 2024

Sourcecodester Pharmacy/Medical Store Point of Sale System 1.0 is vulnerable SQL Injection via... Critical Unreviewed

CVE-2024-36673 was published Jun 7, 2024

The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin for WordPress... Critical Unreviewed

CVE-2024-3592 was published Jun 7, 2024

The gaizhenbiao/chuanhuchatgpt application is vulnerable to a path traversal attack due to its... Critical Unreviewed

CVE-2024-3234 was published Jun 6, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

18,727 advisories