GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,793
Erlang: 29
GitHub Actions: 16
Go: 1,710
Maven: 4,947
npm: 3,475
NuGet: 605
pip: 3,001
Pub: 10
RubyGems: 828
Rust: 773
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
92,791 advisories
A Regular Expression Denial of Service (ReDoS) vulnerability exists in the lunary-ai/lunary...
High | Unreviewed | CVE-2024-4148 was published Jun 1, 2024

The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for...
High | Unreviewed | CVE-2024-3821 was published Jun 1, 2024

The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin...
High | Unreviewed | CVE-2024-4958 was published Jun 1, 2024

The Elements For Elementor plugin for WordPress is vulnerable to Local File Inclusion in all...
High | Unreviewed | CVE-2024-5348 was published Jun 1, 2024

The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Local File...
High | Unreviewed | CVE-2024-3564 was published Jun 1, 2024

A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer...
High | Unreviewed | CVE-2024-5564 was published May 31, 2024

An unrestricted file upload vulnerability in web component of Ivanti Avalanche before 6.4.x...
High | Unreviewed | CVE-2024-29848 was published May 31, 2024

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows...
High | Unreviewed | CVE-2024-29830 was published May 31, 2024

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows...
High | Unreviewed | CVE-2024-29846 was published May 31, 2024

A CRLF Injection vulnerability in Ivanti Connect Secure (9.x, 22.x) allows an authenticated high...
High | Unreviewed | CVE-2023-38551 was published May 31, 2024

A SQL injection vulnerability in web component of Ivanti Neurons for ITSM allows a remote...
High | Unreviewed | CVE-2024-22059 was published May 31, 2024

An unrestricted file upload vulnerability in web component of Ivanti Neurons for ITSM allows a...
High | Unreviewed | CVE-2024-22060 was published May 31, 2024

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows...
High | Unreviewed | CVE-2024-29829 was published May 31, 2024

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows...
High | Unreviewed | CVE-2024-29828 was published May 31, 2024

IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate...
High | Unreviewed | CVE-2024-35142 was published May 31, 2024

A buffer overflow allows a low privilege user on the local machine that has the EPM Agent...
High | Unreviewed | CVE-2024-22058 was published May 31, 2024

IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate...
High | Unreviewed | CVE-2024-35140 was published May 31, 2024

A local privilege escalation vulnerability in Ivanti Secure Access Client for Windows allows a...
High | Unreviewed | CVE-2023-38042 was published May 31, 2024

A local privilege escalation vulnerability in Ivanti Secure Access Client for Linux before 22.7R1...
High | Unreviewed | CVE-2023-46810 was published May 31, 2024

The Vanna library uses a prompt function to present the user with visualized results, it is...
High | Unreviewed | CVE-2024-5565 was published May 31, 2024

SQL injection vulnerability in Astrotalks affecting version 10/03/2023. This vulnerability could...
High | Unreviewed | CVE-2024-5523 was published May 31, 2024

Improper privilege management vulnerability in Astrotalks affecting version 10/03/2023. This...
High | Unreviewed | CVE-2024-5525 was published May 31, 2024

The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is...
High | Unreviewed | CVE-2024-2793 was published May 31, 2024

The Responsive Owl Carousel for Elementor plugin for WordPress is vulnerable to Local File...
High | Unreviewed | CVE-2024-5345 was published May 31, 2024

Fuji Electric Monitouch V-SFT is vulnerable to a stack-based buffer overflow, which could allow...
High | Unreviewed | CVE-2024-34171 was published May 30, 2024

ProTip! Advisories are also available from the GraphQL API