Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,988
Erlang
29
GitHub Actions
16
Go
1,776
Maven
5,000+
npm
3,542
NuGet
617
pip
3,125
Pub
10
RubyGems
838
Rust
790
Swift
34
Unreviewed advisories
All unreviewed
5,000+

94,501 advisories

Loading
A validated user not explicitly authorized to have access to certain sensitive information could... High Unreviewed
CVE-2023-40159 was published Jul 18, 2024
IBM Engineering Requirements Management DOORS Web Access 9.7.2.8 is vulnerable to an XML External... High Unreviewed
CVE-2023-50304 was published Jul 18, 2024
Local privilege escalation due to OS command injection vulnerability. The following products are... High Unreviewed
CVE-2024-34013 was published Jul 18, 2024
The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2024-3242 was published Jul 18, 2024
The Timeline Event History plugin for WordPress is vulnerable to PHP Object Injection in all... High Unreviewed
CVE-2024-5726 was published Jul 18, 2024
openCart Server-Side Template Injection (SSTI) vulnerability High
CVE-2024-40420 was published for opencart/opencart (Composer) Jul 17, 2024
projectdiscovery/nuclei allows unsigned code template execution through workflows High
CVE-2024-40641 was published for github.com/projectdiscovery/nuclei/v3 (Go) Jul 17, 2024
Ovi3
A vulnerability in the CLI of Cisco AsyncOS for Secure Web Appliance could allow an authenticated... High Unreviewed
CVE-2024-20435 was published Jul 17, 2024
Gotenberg provides a developer-friendly API to interact with powerful tools like Chromium and... High Unreviewed
CVE-2024-40639 was published Jul 17, 2024
A vulnerability in Cisco Intelligent Node (iNode) Software could allow an unauthenticated, remote... High Unreviewed
CVE-2024-20323 was published Jul 17, 2024
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information... High Unreviewed
CVE-2024-28993 was published Jul 17, 2024
The SolarWinds Access Rights Manager was found to be susceptible to an Arbitrary File Deletion... High Unreviewed
CVE-2024-23474 was published Jul 17, 2024
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information... High Unreviewed
CVE-2024-28992 was published Jul 17, 2024
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information... High Unreviewed
CVE-2024-23468 was published Jul 17, 2024
The SolarWinds Access Rights Manager was found to be susceptible to an authentication bypass... High Unreviewed
CVE-2024-23465 was published Jul 17, 2024
Eclipse Parsson stack overflow when parsing deeply nested input High
CVE-2023-7272 was published for org.eclipse.parsson:parsson (Maven) Jul 17, 2024
Sylius has a security vulnerability via adjustments API endpoint High
CVE-2024-40633 was published for sylius/sylius (Composer) Jul 17, 2024
Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to agent takeover... High Unreviewed
CVE-2024-5471 was published Jul 17, 2024
Apache StreamPipes has potential remote code execution (RCE) via file upload High
CVE-2024-31411 was published for org.apache.streampipes:streampipes-parent (Maven) Jul 17, 2024
Apache Airflow has DAG Author Code Execution possibility in airflow-scheduler High
CVE-2024-39877 was published for apache-airflow (pip) Jul 17, 2024
The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for... High Unreviewed
CVE-2024-6467 was published Jul 17, 2024
The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for... High Unreviewed
CVE-2024-6660 was published Jul 17, 2024
Use after free in Accessibility in Google Chrome prior to 122.0.6261.57 allowed a remote attacker... High Unreviewed
CVE-2024-3171 was published Jul 17, 2024
Insufficient data validation in Updater in Google Chrome prior to 120.0.6099.62 allowed a remote... High Unreviewed
CVE-2024-3173 was published Jul 17, 2024
Out of bounds write in SwiftShader in Google Chrome prior to 117.0.5938.62 allowed a remote... High Unreviewed
CVE-2024-3176 was published Jul 17, 2024
ProTip! Advisories are also available from the GraphQL API