GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,653
Erlang: 29
GitHub Actions: 16
Go: 1,706
Maven: 4,938
npm: 3,471
NuGet: 603
pip: 2,985
Pub: 10
RubyGems: 826
Rust: 772
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
92,711 advisories
A Stored Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight...
High • Unreviewed • CVE-2024-2835 was published May 20, 2024

Zoho ManageEngine ADAudit Plus through 7251 allows SQL Injection while getting aggregate report...
High • Unreviewed • CVE-2023-49330 was published May 20, 2024

Zoho ManageEngine PAM360 version 6601 is vulnerable to authorization vulnerability which allows a...
High • Unreviewed • CVE-2024-27312 was published May 20, 2024

veraPDF has potential XSLT injection vulnerability when using policy files
High • CVE-2024-28109 was published for org.verapdf:core (Maven) May 20, 2024

A vulnerability was found in SourceCodester Event Registration System 1.0. It has been rated as...
High • Unreviewed • CVE-2024-5122 was published May 20, 2024

A vulnerability was found in PHPGurukul Directory Management System 1.0. It has been rated as...
High • Unreviewed • CVE-2024-5135 was published May 20, 2024

Duplicate Advisory: Scrapy leaks the authorization header on same-domain but cross-origin redirects
High • GHSA-cg34-w3fm-82h3 was published for scrapy (pip) May 20, 2024 • withdrawn

A vulnerability, which was classified as critical, has been found in SourceCodester Online...
High • Unreviewed • CVE-2024-5116 was published May 20, 2024

A vulnerability has been found in SourceCodester Event Registration System 1.0 and classified as...
High • Unreviewed • CVE-2024-5118 was published May 20, 2024

A vulnerability, which was classified as critical, was found in SourceCodester Event Registration...
High • Unreviewed • CVE-2024-5117 was published May 20, 2024

A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and...
High • Unreviewed • CVE-2024-5094 was published May 18, 2024

A vulnerability has been found in SourceCodester Best House Rental Management System 1.0 and...
High • Unreviewed • CVE-2024-5093 was published May 18, 2024

IBM i 7.2, 7.3, and 7.4 could allow a remote attacker to execute arbitrary code leading to a...
High • Unreviewed • CVE-2024-31879 was published May 18, 2024

MSI Afterburner v4.6.6.16381 Beta 3 is vulnerable to an ACL Bypass vulnerability in the RTCore64...
High • Unreviewed • CVE-2024-3745 was published May 18, 2024

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin...
High • Unreviewed • CVE-2024-4709 was published May 18, 2024

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin...
High • Unreviewed • CVE-2024-2782 was published May 18, 2024

The Salient Shortcodes plugin for WordPress is vulnerable to Local File Inclusion in all versions...
High • Unreviewed • CVE-2024-3810 was published May 18, 2024

The Salient Core plugin for WordPress is vulnerable to Local File Inclusion in all versions up to...
High • Unreviewed • CVE-2024-3812 was published May 18, 2024

litellm passes untrusted data to `eval` function without sanitization
High • CVE-2024-4264 was published for litellm (pip) May 18, 2024

Tor Arti's STUB circuits incorrectly have a length of 2
High • CVE-2024-35312 was published for arti (Rust) May 18, 2024

nzo/url-encryptor-bundle Insecure default secret key and IV allowing anyone to decrypt values
High • GHSA-r2r8-36pq-27cm was published for nzo/url-encryptor-bundle (Composer) May 17, 2024

Cross-site Scripting vulnerabilities in Neos
High • GHSA-6cj3-rc4p-f38f was published for neos/neos (Composer) May 17, 2024

Neos Information Disclosure Security Note
High • GHSA-3c5g-73f7-grvm was published for neos/neos (Composer) May 17, 2024

namshi/jose insecure JSON Web Signatures (JWS)
High • GHSA-hxhc-wmg8-xrqf was published for namshi/jose (Composer) May 17, 2024

A vulnerability classified as critical has been found in PHPGurukul Online Course Registration...
High • Unreviewed • CVE-2024-5065 was published May 17, 2024

ProTip! Advisories are also available from the GraphQL API.