GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,581
Composer 4,205
Erlang 31
GitHub Actions 19
Go 1,987
Maven 5,169
npm 3,704
NuGet 661
pip 3,329
Pub 11
RubyGems 884
Rust 844
Swift 36

Unreviewed advisories

All unreviewed 234,114

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

816 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability, which was classified as critical, has been found in InnoCMS 0.3.1. This issue... Moderate Unreviewed

CVE-2024-7899 was published Aug 17, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in WC Product Table... Moderate Unreviewed

CVE-2024-43128 was published Aug 13, 2024

In certain Sonos products before Sonos S1 Release 11.12 and S2 release 15.9, a vulnerability... Moderate Unreviewed

CVE-2023-50810 was published Aug 12, 2024

An issue discovered in import host feature in Ab Initio Metadata Hub and Authorization Gateway... Moderate Unreviewed

CVE-2024-37382 was published Aug 8, 2024

An issue has been discovered in GitLab CE/EE affecting all versions before 17.0.6, 17.1 prior to... Moderate Unreviewed

CVE-2024-3958 was published Aug 8, 2024

There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly... Moderate Unreviewed

CVE-2024-6923 was published Aug 1, 2024

An arbitrary file upload vulnerability in the uploadFileAction() function of WonderCMS v3.4.3... Moderate Unreviewed

CVE-2024-41304 was published Jul 30, 2024

A vulnerability, which was classified as critical, has been found in Prain up to 1.3.0. Affected... Moderate Unreviewed

CVE-2024-6950 was published Jul 21, 2024

A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been rated as critical. This issue... Moderate Unreviewed

CVE-2024-6947 was published Jul 21, 2024

A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been declared as critical. This... Moderate Unreviewed

CVE-2024-6946 was published Jul 21, 2024

A vulnerability, which was classified as problematic, has been found in formtools.org Form Tools... Moderate Unreviewed

CVE-2024-6936 was published Jul 21, 2024

A vulnerability was found in DedeCMS 5.7.114. It has been classified as critical. This affects an... Moderate Unreviewed

CVE-2024-6940 was published Jul 21, 2024

Livechat messages can be leaked by combining two NoSQL injections affecting livechat:loginByToken... Moderate Unreviewed

CVE-2024-37405 was published Jul 12, 2024

A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary... Moderate Unreviewed

CVE-2024-40735 was published Jul 9, 2024

A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary... Moderate Unreviewed

CVE-2024-40726 was published Jul 9, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in Saturday Drive Ninja... Moderate Unreviewed

CVE-2024-37934 was published Jul 9, 2024

QR/demoapp/qr_image.php in Asial JpGraph Professional through 4.2.6-pro allows remote attackers... Moderate Unreviewed

CVE-2024-39165 was published Jul 4, 2024

rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function... Moderate Unreviewed

CVE-2024-39002 was published Jul 1, 2024

Tada5hi sp-common v0.5.4 was discovered to contain a prototype pollution via the function... Moderate Unreviewed

CVE-2024-38990 was published Jul 1, 2024

Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote... Moderate Unreviewed

CVE-2024-36075 was published Jun 27, 2024

luci-app-sms-tool v1.9-6 was discovered to contain a command injection vulnerability via the... Moderate Unreviewed

CVE-2024-39209 was published Jun 27, 2024

File upload vulnerability found in Softexpert Excellence Suite v.2.1 allows attackers to execute... Moderate Unreviewed

CVE-2023-26877 was published Jun 26, 2024

SQL Injection vulnerability in H3C SeaSQL DWS v.2.0 allows a remote attacker to execute arbitrary... Moderate Unreviewed

CVE-2024-33335 was published Jun 20, 2024

nukeviet v.4.5 and before and nukeviet-egov v.1.2.02 and before are vulnerable to arbitrary code... Moderate Unreviewed

CVE-2024-36531 was published Jun 10, 2024

Code injection vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12... Moderate Unreviewed

CVE-2024-31396 was published May 22, 2024

Previous 1 2 3 4 5 … 32 33 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

816 advisories