GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 18,824
Composer 3,653
Erlang 29
GitHub Actions 16
Go 1,706
Maven 4,938
npm 3,471
NuGet 603
pip 2,985
Pub 10
RubyGems 826
Rust 772
Swift 34

Unreviewed advisories

All unreviewed 218,371

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

92,711 advisories

Filter by severity

Sort by

Least recently updated

A Stored Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight... High Unreviewed

CVE-2024-2835 was published May 20, 2024

Zoho ManageEngine ADAudit Plus through 7251 allows SQL Injection while getting aggregate report... High Unreviewed

CVE-2023-49330 was published May 20, 2024

Zoho ManageEngine PAM360 version 6601 is vulnerable to authorization vulnerability which allows a... High Unreviewed

CVE-2024-27312 was published May 20, 2024

veraPDF has potential XSLT injection vulnerability when using policy files High

CVE-2024-28109 was published for org.verapdf:core (Maven) May 20, 2024

A vulnerability was found in SourceCodester Event Registration System 1.0. It has been rated as... High Unreviewed

CVE-2024-5122 was published May 20, 2024

A vulnerability was found in PHPGurukul Directory Management System 1.0. It has been rated as... High Unreviewed

CVE-2024-5135 was published May 20, 2024

Duplicate Advisory: Scrapy leaks the authorization header on same-domain but cross-origin redirects High

GHSA-cg34-w3fm-82h3 was published for scrapy (pip) May 20, 2024 • withdrawn

A vulnerability, which was classified as critical, has been found in SourceCodester Online... High Unreviewed

CVE-2024-5116 was published May 20, 2024

A vulnerability has been found in SourceCodester Event Registration System 1.0 and classified as... High Unreviewed

CVE-2024-5118 was published May 20, 2024

A vulnerability, which was classified as critical, was found in SourceCodester Event Registration... High Unreviewed

CVE-2024-5117 was published May 20, 2024

A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and... High Unreviewed

CVE-2024-5094 was published May 18, 2024

A vulnerability has been found in SourceCodester Best House Rental Management System 1.0 and... High Unreviewed

CVE-2024-5093 was published May 18, 2024

IBM i 7.2, 7.3, and 7.4 could allow a remote attacker to execute arbitrary code leading to a... High Unreviewed

CVE-2024-31879 was published May 18, 2024

MSI Afterburner v4.6.6.16381 Beta 3 is vulnerable to an ACL Bypass vulnerability in the RTCore64... High Unreviewed

CVE-2024-3745 was published May 18, 2024

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin... High Unreviewed

CVE-2024-4709 was published May 18, 2024

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin... High Unreviewed

CVE-2024-2782 was published May 18, 2024

The Salient Shortcodes plugin for WordPress is vulnerable to Local File Inclusion in all versions... High Unreviewed

CVE-2024-3810 was published May 18, 2024

The Salient Core plugin for WordPress is vulnerable to Local File Inclusion in all versions up to... High Unreviewed

CVE-2024-3812 was published May 18, 2024

litellm passes untrusted data to `eval` function without sanitization High

CVE-2024-4264 was published for litellm (pip) May 18, 2024

Tor Arti's STUB circuits incorrectly have a length of 2 High

CVE-2024-35312 was published for arti (Rust) May 18, 2024

nzo/url-encryptor-bundle Insecure default secret key and IV allowing anyone to decrypt values High

GHSA-r2r8-36pq-27cm was published for nzo/url-encryptor-bundle (Composer) May 17, 2024

Cross-site Scripting vulnerabilities in Neos High

GHSA-6cj3-rc4p-f38f was published for neos/neos (Composer) May 17, 2024

Neos Information Disclosure Security Note High

GHSA-3c5g-73f7-grvm was published for neos/neos (Composer) May 17, 2024

namshi/jose insecure JSON Web Signatures (JWS) High

GHSA-hxhc-wmg8-xrqf was published for namshi/jose (Composer) May 17, 2024

A vulnerability classified as critical has been found in PHPGurukul Online Course Registration... High Unreviewed

CVE-2024-5065 was published May 17, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

92,711 advisories