GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,956
Erlang: 29
GitHub Actions: 16
Go: 1,745
Maven: 4,969
npm: 3,507
NuGet: 609
pip: 3,066
Pub: 10
RubyGems: 832
Rust: 780
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
108,658 advisories
In JetBrains YouTrack before 2024.2.34646 user access token was sent to the third-party site
Moderate | Unreviewed | CVE-2024-38505 was published Jun 18, 2024

In JetBrains YouTrack before 2024.2.34646 the Guest User Account was enabled for attaching files...
Moderate | Unreviewed | CVE-2024-38504 was published Jun 18, 2024

The Divi theme for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to,...
Moderate | Unreviewed | CVE-2024-5533 was published Jun 18, 2024

The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to unauthorized loss...
Moderate | Unreviewed | CVE-2024-5860 was published Jun 18, 2024

Johan Fagerström, member of the AXIS OS Bug Bounty Program, has found that a O3C feature may...
Moderate | Unreviewed | CVE-2024-0066 was published Jun 18, 2024

The PDF Viewer for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate | Unreviewed | CVE-2024-0845 was published Jun 18, 2024

The Scheduling Plugin – Online Booking for WordPress plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2024-1634 was published Jun 18, 2024

The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to unauthorized...
Moderate | Unreviewed | CVE-2024-5541 was published Jun 18, 2024

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross...
Moderate | Unreviewed | CVE-2024-4375 was published Jun 18, 2024

A vulnerability has been found in itsourcecode Pool of Bethesda Online Reservation System up to 1...
Moderate | Unreviewed | CVE-2024-6084 was published Jun 18, 2024

A vulnerability, which was classified as critical, was found in PHPVibe 11.0.46. Affected is an...
Moderate | Unreviewed | CVE-2024-6083 was published Jun 18, 2024

A vulnerability classified as critical was found in SourceCodester Music Class Enrollment System...
Moderate | Unreviewed | CVE-2024-6067 was published Jun 18, 2024

Rancher's RKE1 Encryption Config kept in plain-text within cluster AppliedSpec
Moderate | CVE-2024-22032 was published for github.com/rancher/rancher (Go) Jun 17, 2024

Rancher's External RoleTemplates can lead to privilege escalation
Moderate | CVE-2023-32196 was published for github.com/rancher/rancher (Go) Jun 17, 2024

Firefly III has a MFA bypass in oauth flow
Moderate | CVE-2024-37893 was published for grumpydictator/firefly-iii (Composer) Jun 17, 2024

urllib3's Proxy-Authorization request header isn't stripped during cross-origin redirects
Moderate | CVE-2024-37891 was published for urllib3 (pip) Jun 17, 2024

A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been declared as...
Moderate | Unreviewed | CVE-2024-6064 was published Jun 17, 2024

A vulnerability classified as critical has been found in SourceCodester Best House Rental...
Moderate | Unreviewed | CVE-2024-6066 was published Jun 17, 2024

A vulnerability classified as problematic has been found in LabVantage LIMS 2017. This affects an...
Moderate | Unreviewed | CVE-2024-6058 was published Jun 17, 2024

@akbr/update Prototype Pollution
Moderate | CVE-2024-36578 was published for @akbr/update (npm) Jun 17, 2024

Object Resolver Prototype Pollution
Moderate | CVE-2024-36577 was published for @apphp/object-resolver (npm) Jun 17, 2024

flatten-json Prototype Pollution
Moderate | CVE-2024-36574 was published for @allanlancioni/flatten-json (npm) Jun 17, 2024

Badger Database Prototype Pollution
Moderate | CVE-2024-36581 was published for @abw/badger-database (npm) Jun 17, 2024
ProTip! Advisories are also available from the GraphQL API.