Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,992
Erlang
29
GitHub Actions
16
Go
1,782
Maven
5,000+
npm
3,544
NuGet
619
pip
3,134
Pub
10
RubyGems
838
Rust
795
Swift
34
Unreviewed advisories
All unreviewed
5,000+

22,106 advisories

Loading
The vulnerability could be remotely exploited to bypass authentication. Critical Unreviewed
CVE-2024-22442 was published Jul 16, 2024
Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability... Critical Unreviewed
CVE-2024-33182 was published Jul 16, 2024
Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root. Critical Unreviewed
CVE-2024-35338 was published Jul 16, 2024
Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability... Critical Unreviewed
CVE-2024-33180 was published Jul 16, 2024
The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to... Critical Unreviewed
CVE-2024-6457 was published Jul 16, 2024
TorrentPier Deserialization of Untrusted Data vulnerability Critical
CVE-2024-40624 was published for torrentpier/torrentpier (Composer) Jul 15, 2024
swapgs
This vulnerability allows an unauthenticated attacker to achieve remote command execution on the... Critical Unreviewed
CVE-2024-38492 was published Jul 15, 2024
An improper input validation allows an unauthenticated attacker to achieve remote command... Critical Unreviewed
CVE-2024-36455 was published Jul 15, 2024
This vulnerability allows an unauthenticated attacker to achieve remote command execution on the... Critical Unreviewed
CVE-2024-36456 was published Jul 15, 2024
An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can... Critical Unreviewed
CVE-2024-23794 was published Jul 15, 2024
AguardNet's Space Management System does not properly validate user input, allowing... Critical Unreviewed
CVE-2024-6743 was published Jul 15, 2024
The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input,... Critical Unreviewed
CVE-2024-6744 was published Jul 15, 2024
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability... Critical Unreviewed
CVE-2024-40541 was published Jul 12, 2024
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability... Critical Unreviewed
CVE-2024-40539 was published Jul 12, 2024
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability... Critical Unreviewed
CVE-2024-40540 was published Jul 12, 2024
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability... Critical Unreviewed
CVE-2024-40542 was published Jul 12, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Realtyna Realtyna Organic IDX... Critical Unreviewed
CVE-2024-38736 was published Jul 12, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in SpreadsheetConverter Import... Critical Unreviewed
CVE-2024-38734 was published Jul 12, 2024
Improper Privilege Management vulnerability in NooTheme Jobmonster allows Privilege Escalation... Critical Unreviewed
CVE-2024-37927 was published Jul 12, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-37933 was published Jul 12, 2024
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable... Critical Unreviewed
CVE-2024-6328 was published Jul 12, 2024
Path Traversal: '\..\filename' in aimhubio/aim Critical Unreviewed
CVE-2024-6396 was published Jul 12, 2024
An issue was discovered on Supermicro BMC firmware in select X11, X12, H12, B12, X13, H13, and... Critical Unreviewed
CVE-2024-36435 was published Jul 11, 2024
A Stored Cross-Site Scripting (XSS) vulnerability exists in gaizhenbiao/chuanhuchatgpt version... Critical Unreviewed
CVE-2024-6035 was published Jul 11, 2024
CWE-200: Information Exposure vulnerability exists that could cause disclosure of credentials... Critical Unreviewed
CVE-2024-6407 was published Jul 11, 2024
ProTip! Advisories are also available from the GraphQL API