Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,965
Erlang
29
GitHub Actions
16
Go
1,747
Maven
4,975
npm
3,507
NuGet
609
pip
3,072
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

93,385 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: dma-mapping: benchmark:... High Unreviewed
CVE-2024-39277 was published Jun 21, 2024
In the Linux kernel, the following vulnerability has been resolved: tpm_tis_spi: Account for SPI... High Unreviewed
CVE-2024-36477 was published Jun 21, 2024
IBM i 7.3, 7.4, and 7.5 product IBM TCP/IP Connectivity Utilities for i contains a local... High Unreviewed
CVE-2024-31890 was published Jun 21, 2024
Local privilege escalation vulnerability allowed an attacker to misuse ESET's file operations... High Unreviewed
CVE-2024-2003 was published Jun 21, 2024
The Plus Addons for Elementor Page Builder plugin for WordPress is vulnerable to Local File... High Unreviewed
CVE-2024-5455 was published Jun 21, 2024
The WP Blog Post Layouts plugin for WordPress is vulnerable to Local File Inclusion in all... High Unreviewed
CVE-2024-5503 was published Jun 21, 2024
A vulnerability was found in SourceCodester Food Ordering Management System up to 1.0. It has... High Unreviewed
CVE-2024-6213 was published Jun 21, 2024
An attacker may be able to cause a denial-of-service condition by sending many packets repeatedly. High Unreviewed
CVE-2024-35246 was published Jun 21, 2024
An attacker may be able to cause a denial-of-service condition by sending many SSH packets... High Unreviewed
CVE-2024-32943 was published Jun 21, 2024
A Server-Side Request Forgery vulnerability was identified in GitHub Enterprise Server that... High Unreviewed
CVE-2024-5746 was published Jun 21, 2024
Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability. This vulnerability... High Unreviewed
CVE-2024-6147 was published Jun 20, 2024
Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability. This... High Unreviewed
CVE-2024-6153 was published Jun 20, 2024
Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2024-6154 was published Jun 20, 2024
A vulnerability, which was classified as critical, has been found in itsourcecode Vehicle... High Unreviewed
CVE-2024-6193 was published Jun 20, 2024
A vulnerability was found in itsourcecode Banking Management System 1.0 and classified as... High Unreviewed
CVE-2024-6196 was published Jun 20, 2024
js2py allows remote code execution High
CVE-2024-28397 was published for js2py (pip) Jun 20, 2024
A vulnerability was found in itsourcecode Farm Management System 1.0. It has been rated as... High Unreviewed
CVE-2024-6190 was published Jun 20, 2024
Cross Site Scripting (XSS) vulnerability in Averta Master Slider allows Reflected XSS.This issue... High Unreviewed
CVE-2024-37222 was published Jun 20, 2024
A vulnerability classified as critical has been found in itsourcecode Student Management System 1... High Unreviewed
CVE-2024-6191 was published Jun 20, 2024
A vulnerability was found in Tenda A301 15.13.08.12. It has been classified as critical. Affected... High Unreviewed
CVE-2024-6189 was published Jun 20, 2024
A vulnerability classified as critical was found in itsourcecode Loan Management System 1.0. This... High Unreviewed
CVE-2024-6192 was published Jun 20, 2024
Undertow's url-encoded request path information can be broken on ajp-listener High
CVE-2024-6162 was published for io.undertow:undertow-core (Maven) Jun 20, 2024
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to identity spoofing by an... High Unreviewed
CVE-2024-37532 was published Jun 20, 2024
There is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force... High Unreviewed
CVE-2023-25646 was published Jun 20, 2024
A vulnerability was found in itsourcecode Monbela Tourist Inn Online Reservation System 1.0. It... High Unreviewed
CVE-2024-6113 was published Jun 20, 2024
ProTip! Advisories are also available from the GraphQL API