GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,748
Maven
4,978
npm
3,509
NuGet
609
pip
3,075
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
100,211 advisories
Filter by severity
In the Linux kernel, the following vulnerability has been resolved:
um: Add winch to...
Moderate
Unreviewed
CVE-2024-39292
was published
Jun 24, 2024
Improper Authentication vulnerability in Play.Ht allows Accessing Functionality Not Properly...
Moderate
Unreviewed
CVE-2024-37233
was published
Jun 24, 2024
A Cross-Site Request Forgery (CSRF) vulnerability exists in the 'Servers Configurations' function...
Moderate
Unreviewed
CVE-2024-4839
was published
Jun 24, 2024
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mia Technology Inc. Mia-Med...
Moderate
Unreviewed
CVE-2024-3264
was published
Jun 24, 2024
Zoho ManageEngine ITOM products versions from 128234 to 128248 are affected by the stored cross...
Moderate
Unreviewed
CVE-2024-36038
was published
Jun 24, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-4754
was published
Jun 24, 2024
A vulnerability, which was classified as critical, has been found in lahirudanushka School...
Moderate
Unreviewed
CVE-2024-6276
was published
Jun 24, 2024
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been...
Moderate
Unreviewed
CVE-2024-6280
was published
Jun 24, 2024
A vulnerability was found in lahirudanushka School Management System 1.0.0/1.0.1 and classified...
Moderate
Unreviewed
CVE-2024-6279
was published
Jun 24, 2024
A vulnerability, which was classified as critical, was found in lahirudanushka School Management...
Moderate
Unreviewed
CVE-2024-6277
was published
Jun 24, 2024
A vulnerability has been found in lahirudanushka School Management System 1.0.0/1.0.1 and...
Moderate
Unreviewed
CVE-2024-6278
was published
Jun 24, 2024
A vulnerability classified as critical has been found in lahirudanushka School Management System...
Moderate
Unreviewed
CVE-2024-6274
was published
Jun 24, 2024
A vulnerability classified as critical was found in lahirudanushka School Management System 1.0.0...
Moderate
Unreviewed
CVE-2024-6275
was published
Jun 24, 2024
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been declared as...
Moderate
Unreviewed
CVE-2024-6273
was published
Jun 24, 2024
A Path Traversal vulnerability exists in the parisneo/lollms-webui, specifically within the ...
Moderate
Unreviewed
CVE-2024-4841
was published
Jun 23, 2024
A vulnerability has been found in Ruijie RG-UAC 1.0 and classified as critical. This...
Moderate
Unreviewed
CVE-2024-6269
was published
Jun 23, 2024
A vulnerability classified as critical has been found in Pear Admin Boot up to 2.0.2. Affected is...
Moderate
Unreviewed
CVE-2024-6266
was published
Jun 23, 2024
The ARMember Premium plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions...
Moderate
Unreviewed
CVE-2024-5596
was published
Jun 22, 2024
The Bricks Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all...
Moderate
Unreviewed
CVE-2024-4874
was published
Jun 22, 2024
The Grey Opaque theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’...
Moderate
Unreviewed
CVE-2024-5966
was published
Jun 22, 2024
The Mosaic theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘link’...
Moderate
Unreviewed
CVE-2024-5965
was published
Jun 22, 2024
The Flatsome theme for WordPress is vulnerable to Stored Cross-Site Scripting via the UX...
Moderate
Unreviewed
CVE-2024-5346
was published
Jun 22, 2024
The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-2484
was published
Jun 22, 2024
The Table Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-4313
was published
Jun 22, 2024
The Sparkle Demo Importer plugin for WordPress is vulnerable to unauthorized database reset and...
Moderate
Unreviewed
CVE-2024-6120
was published
Jun 22, 2024
ProTip!
Advisories are also available from the
GraphQL API