Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

21,541 advisories

There are command injection vulnerabilities in the underlying Soft AP Daemon service that could... Critical Unreviewed
CVE-2024-31472 was published May 15, 2024
There is a command injection vulnerability in the underlying Central Communications service that... Critical Unreviewed
CVE-2024-31471 was published May 15, 2024
There are buffer overflow vulnerabilities in the underlying CLI service that could lead to... Critical Unreviewed
CVE-2024-31467 was published May 15, 2024
There are buffer overflow vulnerabilities in the underlying CLI service that could lead to... Critical Unreviewed
CVE-2024-31466 was published May 15, 2024
Grafana Race condition allowing privilege escalation Critical
CVE-2022-39328 was published for github.com/grafana/grafana (Go) May 14, 2024
Grafana Fine-grained access control vulnerability Critical
CVE-2021-41244 was published for github.com/grafana/grafana (Go) May 14, 2024
PrestaShop cross-site scripting via customer contact form in FO, through file upload Critical
CVE-2024-34716 was published for prestashop/prestashop (Composer) May 14, 2024
matthieu-rolland aelmokhtar
Weak account password in GE HealthCare EchoPAC products Critical Unreviewed
CVE-2024-27107 was published May 14, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Critical Unreviewed
CVE-2024-33499 was published May 14, 2024
An unauthenticated attacker can upload a malicious file to the server which when accessed by a... Critical Unreviewed
CVE-2024-33006 was published May 14, 2024
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device... Critical Unreviewed
CVE-2024-32740 was published May 14, 2024
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device... Critical Unreviewed
CVE-2024-32741 was published May 14, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Critical Unreviewed
CVE-2024-30209 was published May 14, 2024
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected... Critical Unreviewed
CVE-2024-27939 was published May 14, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Critical Unreviewed
CVE-2024-30207 was published May 14, 2024
VMware Workstation and Fusion contain a use-after-free vulnerability in the vbluetooth device. A... Critical Unreviewed
CVE-2024-22267 was published May 14, 2024
Cockpit CMS contains an arbitrary file upload vulenrability Critical
CVE-2024-4825 was published for cockpit-hq/cockpit (Composer) May 14, 2024
Vulnerability in School ERP Pro+Responsive 1.0 that allows SQL injection through the '/SchoolERP... Critical Unreviewed
CVE-2024-4824 was published May 14, 2024
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to time-based SQL... Critical Unreviewed
CVE-2024-4434 was published May 14, 2024
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to arbitrary file uploads... Critical Unreviewed
CVE-2024-4560 was published May 14, 2024
Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who... Critical Unreviewed
CVE-2024-4671 was published May 14, 2024
The Hotel Booking Lite plugin for WordPress is vulnerable to PHP Object Injection in all versions... Critical Unreviewed
CVE-2024-4413 was published May 14, 2024
YMS VIS Pro is an information system for veterinary and food administration, veterinarians and... Critical Unreviewed
CVE-2024-3263 was published May 14, 2024
The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and... Critical Unreviewed
CVE-2024-3806 was published May 14, 2024
The Last Viewed Posts by WPBeginner plugin for WordPress is vulnerable to PHP Object Injection in... Critical Unreviewed
CVE-2024-3070 was published May 14, 2024
ProTip! Advisories are also available from the GraphQL API