GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,978
Erlang: 29
GitHub Actions: 16
Go: 1,768
Maven: 4,991
npm: 3,537
NuGet: 616
pip: 3,107
Pub: 10
RubyGems: 837
Rust: 786
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
5,902 advisories
In the module "Facebook" (pkfacebook) <=1.0.1 from Promokit.eu for PrestaShop, a guest can...
High | Unreviewed | CVE-2024-36680 was published Jun 19, 2024

CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL...
High | Unreviewed | CVE-2024-38347 was published Jun 18, 2024

A vulnerability classified as critical has been found in itsourcecode Pool of Bethesda Online...
High | Unreviewed | CVE-2024-6111 was published Jun 18, 2024

A vulnerability classified as critical was found in itsourcecode Pool of Bethesda Online...
High | Unreviewed | CVE-2024-6112 was published Jun 18, 2024

A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as...
High | Unreviewed | CVE-2024-6065 was published Jun 17, 2024

SQL injection vulnerability in processscore.php in Itsourcecode Learning Management System...
High | Unreviewed | CVE-2024-37840 was published Jun 17, 2024

SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to...
High | Unreviewed | CVE-2024-37848 was published Jun 17, 2024

A vulnerability classified as critical has been found in SourceCodester Best House Rental...
High | Unreviewed | CVE-2024-6043 was published Jun 17, 2024

A vulnerability was found in Guangdong Baolun Electronics IP Network Broadcasting Service...
High | Unreviewed | CVE-2024-6003 was published Jun 15, 2024

ALCASAR before 3.6.1 allows CSRF and remote code execution in activity.php.
High | Unreviewed | CVE-2024-38293 was published Jun 13, 2024

The Search & Replace WordPress plugin before 3.2.2 does not sanitize and escape a parameter...
High | Unreviewed | CVE-2024-4145 was published Jun 13, 2024

A vulnerability, which was classified as critical, was found in SourceCodester Employee and...
High | Unreviewed | CVE-2024-5896 was published Jun 12, 2024

Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper...
High | Unreviewed | CVE-2024-37393 was published Jun 10, 2024

A vulnerability was found in SourceCodester Vehicle Management System 1.0 and classified as...
High | Unreviewed | CVE-2024-5775 was published Jun 9, 2024

A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as...
High | Unreviewed | CVE-2024-5774 was published Jun 9, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-35678 was published Jun 8, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-35736 was published Jun 8, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-35750 was published Jun 8, 2024

A vulnerability was found in itsourcecode Online Discussion Forum 1.0. It has been rated as...
High | Unreviewed | CVE-2024-5733 was published Jun 7, 2024

The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is...
High | Unreviewed | CVE-2024-5329 was published Jun 6, 2024

A vulnerability, which was classified as critical, has been found in Chanjet Smooth T+system 3.5....
High | Unreviewed | CVE-2024-5653 was published Jun 5, 2024

SQL Injection vulnerability in CRMEB v.5.2.2 allows a remote attacker to obtain sensitive...
High | Unreviewed | CVE-2024-36837 was published Jun 5, 2024

The SolarWinds Platform was determined to be affected by a SWQL Injection Vulnerability. Attack...
High | Unreviewed | CVE-2024-28996 was published Jun 4, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-35630 was published Jun 3, 2024

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows...
High | Unreviewed | CVE-2024-29830 was published May 31, 2024

ProTip! Advisories are also available from the GraphQL API.