Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,111
Maven
5,000+
npm
3,767
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
888
Swift
37
Unreviewed advisories
All unreviewed
5,000+

923 advisories

Loading
An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the... Moderate Unreviewed
CVE-2024-33442 was published May 1, 2024
Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1, allows... Moderate Unreviewed
CVE-2024-32404 was published Apr 26, 2024
A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug... Moderate Unreviewed
CVE-2024-20359 was published Apr 24, 2024
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute... Moderate Unreviewed
CVE-2023-51797 was published Apr 19, 2024
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2024-29991 was published Apr 19, 2024
An issue in JNT Telecom JNT Liftcom UMS V1.J Core Version JM-V15 allows a remote attacker to... Moderate Unreviewed
CVE-2024-30567 was published Apr 16, 2024
Cross Site Scripting (XSS) in Insurance Management System v1.0, allows remote attackers to... Moderate Unreviewed
CVE-2024-31648 was published Apr 15, 2024
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side... Moderate Unreviewed
CVE-2024-3786 was published Apr 15, 2024
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side... Moderate Unreviewed
CVE-2024-3785 was published Apr 15, 2024
The WPC Smart Quick View for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2023-6494 was published Apr 13, 2024
Cross Site Scripting vulnerability in Rainbow external link network disk v.5.5 allows a remote... Moderate Unreviewed
CVE-2024-30845 was published Apr 12, 2024
\An issue was discovered in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacker to execute... Moderate Unreviewed
CVE-2023-44853 was published Apr 12, 2024
Code injection in Apache Zeppelin Shell Moderate
CVE-2024-31861 was published for org.apache.zeppelin:zeppelin-shell (Maven) Apr 11, 2024
raboof
A cross-site scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to... Moderate Unreviewed
CVE-2024-30878 was published Apr 11, 2024
Leantime 3.0.6 is vulnerable to HTML Injection via /dashboard/show#/tickets/newTicket. Moderate Unreviewed
CVE-2024-27476 was published Apr 10, 2024
A improper neutralization of special elements used in a template engine [CWE-1336] in... Moderate Unreviewed
CVE-2023-47542 was published Apr 9, 2024
There is an HTML injection vulnerability in Esri Portal for ArcGIS <=11.0 that may allow a remote... Moderate Unreviewed
CVE-2024-25706 was published Apr 4, 2024
Dolibarr ERP CRM Code Injection vulnerability during installation Moderate
CVE-2024-29477 was published for dolibarr/dolibarr (Composer) Apr 3, 2024
Cross Site Scripting (XSS) vulnerability in emlog version Pro 2.3, allow remote attackers to... Moderate Unreviewed
CVE-2024-31013 was published Apr 3, 2024
Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2,... Moderate Unreviewed
CVE-2024-28005 was published Mar 28, 2024
A user with administrative privileges can create a compromised dll file of the same name as the... Moderate Unreviewed
CVE-2024-2209 was published Mar 27, 2024
Cross-site Scripting in Moodle Chat Moderate
CVE-2024-28593 was published for moodle/moodle (Composer) Mar 22, 2024
An issue was discovered in osCommerce v4, allows local attackers to bypass file upload... Moderate Unreviewed
CVE-2024-22724 was published Mar 21, 2024
A vulnerability, which was classified as critical, was found in ZhiCms 4.0. Affected is the... Moderate Unreviewed
CVE-2024-2016 was published Mar 21, 2024
An issue in zuoxingdong lagom v.0.1.2 allows a local attacker to execute arbitrary code via the... Moderate Unreviewed
CVE-2024-25359 was published Mar 21, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database