GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,232
Erlang
31
GitHub Actions
20
Go
1,991
Maven
5,000+
npm
3,709
NuGet
661
pip
3,345
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,154 advisories
Filter by severity
Plenti arbitrary file write vulnerability
High
CVE-2024-49380
was published
for
github.com/plentico/plenti
(Go)
Oct 31, 2024
A vulnerability has been identified in the Express response.links function, allowing for...
Moderate
Unreviewed
CVE-2024-10491
was published
Oct 29, 2024
lunary-ai/lunary v1.2.26 contains an email injection vulnerability in the Send email verification...
Moderate
Unreviewed
CVE-2024-7472
was published
Oct 29, 2024
Langchain SQL Injection vulnerability
Low
CVE-2024-8309
was published
for
langchain
(pip)
Oct 29, 2024
Umbraco has a Potential Code Execution Risk When Viewing SVG Files in Full Screen in Backoffice
Moderate
CVE-2024-48927
was published
for
Umbraco.Cms
(NuGet)
Oct 22, 2024
cookie accepts cookie name, path, and domain with out of bounds characters
Low
CVE-2024-47764
was published
for
cookie
(npm)
Oct 4, 2024
DataEase's H2 datasource has a remote command execution risk
Critical
CVE-2024-46997
was published
for
io.dataease:common
(Maven)
Sep 23, 2024
Couchbase Server 7.6.x before 7.6.2, 7.2.x before 7.2.6, and all earlier versions allows HTTP...
Moderate
Unreviewed
CVE-2024-25673
was published
Sep 19, 2024
SOFA Hessian Remote Command Execution (RCE) Vulnerability
High
CVE-2024-46983
was published
for
com.alipay.sofa:hessian
(Maven)
Sep 19, 2024
Camaleon CMS affected by arbitrary file write to RCE (GHSL-2024-182)
High
CVE-2024-46986
was published
for
camaleon_cms
(RubyGems)
Sep 18, 2024
Contao affected by insert tag injection via canonical URL
Moderate
CVE-2024-45612
was published
for
contao/core-bundle
(Composer)
Sep 17, 2024
D-Tale Command Execution Vulnerability
Moderate
CVE-2024-8862
was published
for
dtale
(pip)
Sep 16, 2024
Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an HTML Injection issue with Stage.
Moderate
Unreviewed
CVE-2024-6702
was published
Sep 12, 2024
D-Tale vulnerable to Remote Code Execution through the Query input on Chart Builder
Moderate
CVE-2024-45595
was published
for
dtale
(pip)
Sep 10, 2024
A low privileged remote attacker with write permissions can reconfigure the SNMP service due to...
High
Unreviewed
CVE-2024-43388
was published
Sep 10, 2024
A low privileged remote attacker can perform configuration changes of the ospf service through...
Moderate
Unreviewed
CVE-2024-43389
was published
Sep 10, 2024
A low privileged remote attacker can perform configuration changes of the firewall services,...
Moderate
Unreviewed
CVE-2024-43390
was published
Sep 10, 2024
A low privileged remote attacker can perform configuration changes of the firewall services,...
Moderate
Unreviewed
CVE-2024-43392
was published
Sep 10, 2024
A low privileged remote attacker can perform configuration changes of the firewall services,...
Moderate
Unreviewed
CVE-2024-43391
was published
Sep 10, 2024
A low privileged remote attacker can perform configuration changes of the firewall services,...
Moderate
Unreviewed
CVE-2024-43393
was published
Sep 10, 2024
A Host header injection vulnerability in the password reset function of LimeSurvey v.6.6.1+240806...
Moderate
Unreviewed
CVE-2024-42903
was published
Sep 3, 2024
A vulnerability was found in HM Courts & Tribunals Service Probate Back Office up to...
Moderate
Unreviewed
CVE-2024-8367
was published
Sep 1, 2024
Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in...
Moderate
Unreviewed
CVE-2024-1545
was published
Aug 30, 2024
Fault Injection vulnerability in wc_ed25519_sign_msg function in wolfssl/wolfcrypt/src/ed25519.c...
Moderate
Unreviewed
CVE-2024-2881
was published
Aug 30, 2024
CRLF Injection in RestSharp's `RestRequest.AddHeader` method
Moderate
CVE-2024-45302
was published
for
RestSharp
(NuGet)
Aug 29, 2024
ProTip!
Advisories are also available from the
GraphQL API