GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,683
Erlang: 29
GitHub Actions: 16
Go: 1,708
Maven: 4,944
npm: 3,473
NuGet: 603
pip: 2,995
Pub: 10
RubyGems: 826
Rust: 773
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
21,541 advisories
There are command injection vulnerabilities in the underlying Soft AP Daemon service that could...
Critical | Unreviewed | CVE-2024-31472 was published May 15, 2024
There is a command injection vulnerability in the underlying Central Communications service that...
Critical | Unreviewed | CVE-2024-31471 was published May 15, 2024
There are buffer overflow vulnerabilities in the underlying CLI service that could lead to...
Critical | Unreviewed | CVE-2024-31467 was published May 15, 2024
There are buffer overflow vulnerabilities in the underlying CLI service that could lead to...
Critical | Unreviewed | CVE-2024-31466 was published May 15, 2024
Grafana Race condition allowing privilege escalation
Critical | CVE-2022-39328 was published for github.com/grafana/grafana (Go) May 14, 2024
Grafana Fine-grained access control vulnerability
Critical | CVE-2021-41244 was published for github.com/grafana/grafana (Go) May 14, 2024
PrestaShop cross-site scripting via customer contact form in FO, through file upload
Critical | CVE-2024-34716 was published for prestashop/prestashop (Composer) May 14, 2024
Weak account password in GE HealthCare EchoPAC products
Critical | Unreviewed | CVE-2024-27107 was published May 14, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
Critical | Unreviewed | CVE-2024-33499 was published May 14, 2024
An unauthenticated attacker can upload a malicious file to the server which when accessed by a...
Critical | Unreviewed | CVE-2024-33006 was published May 14, 2024
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device...
Critical | Unreviewed | CVE-2024-32740 was published May 14, 2024
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device...
Critical | Unreviewed | CVE-2024-32741 was published May 14, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
Critical | Unreviewed | CVE-2024-30209 was published May 14, 2024
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected...
Critical | Unreviewed | CVE-2024-27939 was published May 14, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
Critical | Unreviewed | CVE-2024-30207 was published May 14, 2024
VMware Workstation and Fusion contain a use-after-free vulnerability in the vbluetooth device. A...
Critical | Unreviewed | CVE-2024-22267 was published May 14, 2024
Cockpit CMS contains an arbitrary file upload vulnerability
Critical | CVE-2024-4825 was published for cockpit-hq/cockpit (Composer) May 14, 2024
Vulnerability in School ERP Pro+Responsive 1.0 that allows SQL injection through the '/SchoolERP...
Critical | Unreviewed | CVE-2024-4824 was published May 14, 2024
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to time-based SQL...
Critical | Unreviewed | CVE-2024-4434 was published May 14, 2024
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to arbitrary file uploads...
Critical | Unreviewed | CVE-2024-4560 was published May 14, 2024
Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who...
Critical | Unreviewed | CVE-2024-4671 was published May 14, 2024
The Hotel Booking Lite plugin for WordPress is vulnerable to PHP Object Injection in all versions...
Critical | Unreviewed | CVE-2024-4413 was published May 14, 2024
YMS VIS Pro is an information system for veterinary and food administration, veterinarians and...
Critical | Unreviewed | CVE-2024-3263 was published May 14, 2024
The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and...
Critical | Unreviewed | CVE-2024-3806 was published May 14, 2024
The Last Viewed Posts by WPBeginner plugin for WordPress is vulnerable to PHP Object Injection in...
Critical | Unreviewed | CVE-2024-3070 was published May 14, 2024
ProTip! Advisories are also available from the GraphQL API.