Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,648
Erlang
29
GitHub Actions
16
Go
1,705
Maven
4,937
npm
3,470
NuGet
603
pip
2,982
Pub
10
RubyGems
826
Rust
770
Swift
34
Unreviewed advisories
All unreviewed
5,000+

797 advisories

Ez Platform Object Injection in legacy shop module Moderate
GHSA-39j2-4p9j-5w4j was published for ezsystems/ezpublish-legacy (Composer) May 15, 2024
Ez Platform and Legacy are prone to an insecure interpretation of PHP/PHAR uploads Moderate
GHSA-pqjm-xcp8-wgmm was published for ezsystems/ezpublish-legacy (Composer) May 15, 2024
Apache Hive Code Injection vulnerability Moderate
CVE-2023-35701 was published for org.apache.hive:hive-jdbc (Maven) May 3, 2024
oscerd
A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug... Moderate Unreviewed
CVE-2024-20359 was published Apr 24, 2024
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2024-29991 was published Apr 19, 2024
There is an HTML injection vulnerability in Esri Portal for ArcGIS <=11.0 that may allow a remote... Moderate Unreviewed
CVE-2024-25706 was published Apr 4, 2024
Dolibarr ERP CRM Code Injection vulnerability during installation Moderate
CVE-2024-29477 was published for dolibarr/dolibarr (Composer) Apr 3, 2024
A vulnerability, which was classified as critical, was found in ZhiCms 4.0. Affected is the... Moderate Unreviewed
CVE-2024-2016 was published Mar 21, 2024
A vulnerability was found in RaspAP raspap-webgui 3.0.9 and classified as critical. This issue... Moderate Unreviewed
CVE-2024-2497 was published Mar 15, 2024
Nteract Remote Code Execution vulnerability Moderate
CVE-2024-22891 was published for nteract (npm) Mar 1, 2024
This vulnerability allows remote attackers to execute arbitrary code on the affected webOS of LG... Moderate Unreviewed
CVE-2024-1885 was published Feb 26, 2024
A vulnerability was found in Shopwind up to 4.6. It has been rated as critical. This issue... Moderate Unreviewed
CVE-2024-1705 was published Feb 21, 2024
Vintage, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay... Moderate Unreviewed
CVE-2023-5800 was published Feb 5, 2024
Brandon Rothel from QED Secure Solutions has found that the VAPIX API tcptest.cgi did not have a... Moderate Unreviewed
CVE-2023-5677 was published Feb 5, 2024
An issue in Blurams Lumi Security Camera (A31C) v.2.3.38.12558 allows a physically proximate... Moderate Unreviewed
CVE-2023-51820 was published Feb 2, 2024
HCL BigFix ServiceNow is vulnerable to arbitrary code injection. A malicious authorized attacker... Moderate Unreviewed
CVE-2023-37518 was published Jan 30, 2024
A vulnerability, which was classified as critical, has been found in ???? mldong 1.0. This issue... Moderate Unreviewed
CVE-2024-0738 was published Jan 20, 2024
[PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to ... Moderate Unreviewed
CVE-2023-6548 was published Jan 17, 2024
A vulnerability was reported in the Lenovo Browser Mobile and Lenovo Browser HD Apps for Android... Moderate Unreviewed
CVE-2023-6540 was published Jan 3, 2024
There is a command injection vulnerability of ZTE's ZXCLOUD iRAI. Due to the  program  failed to... Moderate Unreviewed
CVE-2023-41783 was published Jan 3, 2024
A vulnerability has been found in Magic-Api up to 2.0.1 and classified as critical. Affected by... Moderate Unreviewed
CVE-2024-0196 was published Jan 3, 2024
A vulnerability, which was classified as critical, was found in spider-flow 0.4.3. Affected is... Moderate Unreviewed
CVE-2024-0195 was published Jan 2, 2024
ShifuML shifu code injection vulnerability Moderate
CVE-2023-7148 was published for ml.shifu:shifu (Maven) Dec 29, 2023
A vulnerability classified as problematic was found in rmountjoy92 DashMachine 0.5-4. Affected by... Moderate Unreviewed
CVE-2023-6899 was published Dec 17, 2023
A vulnerability was found in kalcaddle KodExplorer up to 4.51.03. It has been rated as critical.... Moderate Unreviewed
CVE-2023-6851 was published Dec 16, 2023
ProTip! Advisories are also available from the GraphQL API