GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,269
Composer 3,945
Erlang 29
GitHub Actions 16
Go 1,731
Maven 4,961
npm 3,493
NuGet 607
pip 3,059
Pub 10
RubyGems 832
Rust 778
Swift 34

Unreviewed advisories

All unreviewed 219,699

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

219,699 advisories

Filter by severity

Sort by

Least recently updated

The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all... Critical Unreviewed

CVE-2024-3922 was published Jun 13, 2024

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.1 prior to... Moderate Unreviewed

CVE-2024-1495 was published Jun 13, 2024

An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.4 prior to 16... Moderate Unreviewed

CVE-2024-1963 was published Jun 13, 2024

An issue has been discovered in GitLab CE/EE affecting all versions prior to 16.10.7, starting... Moderate Unreviewed

CVE-2024-1736 was published Jun 13, 2024

A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 5... Moderate Unreviewed

CVE-2024-4201 was published Jun 13, 2024

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is... Moderate Unreviewed

CVE-2024-31881 was published Jun 12, 2024

There is a vulnerability in AVEVA PI Asset Framework Client that could allow malicious code to... Unknown Unreviewed

CVE-2024-3467 was published Jun 12, 2024

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5is... Moderate Unreviewed

CVE-2023-29267 was published Jun 12, 2024

An access control issue in Wvp GB28181 Pro 2.0 allows authenticated attackers to escalate... Unknown Unreviewed

CVE-2024-37665 was published Jun 12, 2024

An access control issue in Wvp GB28181 Pro 2.0 allows users to continue to access information in... Unknown Unreviewed

CVE-2024-36523 was published Jun 12, 2024

There is a vulnerability in AVEVA PI Web API that could allow malicious code to execute on the PI... Unknown Unreviewed

CVE-2024-3468 was published Jun 12, 2024

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS... High Unreviewed

CVE-2024-23299 was published Jun 10, 2024

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS... High Unreviewed

CVE-2022-48578 was published Jun 10, 2024

The issue was addressed with improved restriction of data container access. This issue is fixed... Moderate Unreviewed

CVE-2023-40389 was published Jun 10, 2024

Emlog pro2.3 is vulnerable to Cross Site Request Forgery (CSRF) via twitter.php which can be used... Moderate Unreviewed

CVE-2024-31612 was published Jun 10, 2024

An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS... High Unreviewed

CVE-2022-48683 was published Jun 10, 2024

A memory corruption issue was addressed with improved validation. This issue is fixed in macOS... High Unreviewed

CVE-2022-32897 was published Jun 10, 2024

SeaCMS 12.9 has a file deletion vulnerability via admin_template.php. Critical Unreviewed

CVE-2024-31611 was published Jun 10, 2024

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in... Moderate Unreviewed

CVE-2024-27792 was published Jun 10, 2024

Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Arbitrary file deletion... Critical Unreviewed

CVE-2024-32167 was published Jun 10, 2024

An information disclosure issue was addressed by removing the vulnerable code. This issue is... Moderate Unreviewed

CVE-2022-32933 was published Jun 10, 2024

Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper... High Unreviewed

CVE-2024-37393 was published Jun 10, 2024

A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow... High Unreviewed

CVE-2024-5102 was published Jun 10, 2024

Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive... Critical Unreviewed

CVE-2024-3699 was published Jun 10, 2024

Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive... Critical Unreviewed

CVE-2024-1228 was published Jun 10, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

219,699 advisories