GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,992
Erlang: 29
GitHub Actions: 16
Go: 1,782
Maven: 5,000+
npm: 3,544
NuGet: 619
pip: 3,134
Pub: 10
RubyGems: 838
Rust: 795
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
22,106 advisories
The vulnerability could be remotely exploited to bypass authentication.
Critical | Unreviewed | CVE-2024-22442 was published Jul 16, 2024

Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability...
Critical | Unreviewed | CVE-2024-33182 was published Jul 16, 2024

Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root.
Critical | Unreviewed | CVE-2024-35338 was published Jul 16, 2024

Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability...
Critical | Unreviewed | CVE-2024-33180 was published Jul 16, 2024

The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to...
Critical | Unreviewed | CVE-2024-6457 was published Jul 16, 2024

TorrentPier Deserialization of Untrusted Data vulnerability
Critical | CVE-2024-40624 was published for torrentpier/torrentpier (Composer) Jul 15, 2024

This vulnerability allows an unauthenticated attacker to achieve remote command execution on the...
Critical | Unreviewed | CVE-2024-38492 was published Jul 15, 2024

An improper input validation allows an unauthenticated attacker to achieve remote command...
Critical | Unreviewed | CVE-2024-36455 was published Jul 15, 2024

This vulnerability allows an unauthenticated attacker to achieve remote command execution on the...
Critical | Unreviewed | CVE-2024-36456 was published Jul 15, 2024

An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can...
Critical | Unreviewed | CVE-2024-23794 was published Jul 15, 2024

AguardNet's Space Management System does not properly validate user input, allowing...
Critical | Unreviewed | CVE-2024-6743 was published Jul 15, 2024

The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input,...
Critical | Unreviewed | CVE-2024-6744 was published Jul 15, 2024

my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability...
Critical | Unreviewed | CVE-2024-40541 was published Jul 12, 2024

my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability...
Critical | Unreviewed | CVE-2024-40539 was published Jul 12, 2024

my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability...
Critical | Unreviewed | CVE-2024-40540 was published Jul 12, 2024

my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability...
Critical | Unreviewed | CVE-2024-40542 was published Jul 12, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Realtyna Realtyna Organic IDX...
Critical | Unreviewed | CVE-2024-38736 was published Jul 12, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in SpreadsheetConverter Import...
Critical | Unreviewed | CVE-2024-38734 was published Jul 12, 2024

Improper Privilege Management vulnerability in NooTheme Jobmonster allows Privilege Escalation...
Critical | Unreviewed | CVE-2024-37927 was published Jul 12, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2024-37933 was published Jul 12, 2024

The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable...
Critical | Unreviewed | CVE-2024-6328 was published Jul 12, 2024

Path Traversal: '\..\filename' in aimhubio/aim
Critical | Unreviewed | CVE-2024-6396 was published Jul 12, 2024

An issue was discovered on Supermicro BMC firmware in select X11, X12, H12, B12, X13, H13, and...
Critical | Unreviewed | CVE-2024-36435 was published Jul 11, 2024

A Stored Cross-Site Scripting (XSS) vulnerability exists in gaizhenbiao/chuanhuchatgpt version...
Critical | Unreviewed | CVE-2024-6035 was published Jul 11, 2024

CWE-200: Information Exposure vulnerability exists that could cause disclosure of credentials...
Critical | Unreviewed | CVE-2024-6407 was published Jul 11, 2024
ProTip! Advisories are also available from the GraphQL API.