GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,965
Erlang: 29
GitHub Actions: 16
Go: 1,747
Maven: 4,975
npm: 3,507
NuGet: 609
pip: 3,072
Pub: 10
RubyGems: 832
Rust: 780
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+

93,385 advisories

A vulnerability, which was classified as critical, has been found in itsourcecode Simple Online...
High | Unreviewed | CVE-2024-6116 was published Jun 18, 2024

IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0...
High | Unreviewed | CVE-2023-47726 was published Jun 18, 2024

A vulnerability was found in itsourcecode Magbanua Beach Resort Online Reservation System up to 1...
High | Unreviewed | CVE-2024-6110 was published Jun 18, 2024

The vCenter Server contains multiple local privilege escalation vulnerabilities due to...
High | Unreviewed | CVE-2024-37081 was published Jun 18, 2024

The Business Directory Plugin plugin for WordPress is vulnerable to CSV Injection in versions up...
High | Unreviewed | CVE-2023-5527 was published Jun 18, 2024

A vulnerability classified as critical was found in Intelbras InControl 2.21.56. This...
High | Unreviewed | CVE-2024-6080 was published Jun 18, 2024

Rancher does not automatically clean up a user deleted or disabled from the configured Authentication Provider
High | CVE-2023-22650 was published for github.com/rancher/rancher (Go) Jun 17, 2024

A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as...
High | Unreviewed | CVE-2024-6065 was published Jun 17, 2024

STRIMZI incorrect access control
High | CVE-2024-36543 was published for io.strimzi:strimzi (Maven) Jun 17, 2024

LNbits improperly handles potential network and payment failures when using Eclair backend
High | CVE-2024-34694 was published for lnbits (pip) Jun 17, 2024

ws affected by a DoS when handling a request with many HTTP headers
High | CVE-2024-37890 was published for ws (npm) Jun 17, 2024

DLL Hijacking vulnerability has been found in CENTUM CAMS Log server provided by Yokogawa...
High | Unreviewed | CVE-2024-5650 was published Jun 17, 2024

Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor....
High | Unreviewed | CVE-2024-6045 was published Jun 17, 2024

A vulnerability classified as critical has been found in SourceCodester Best House Rental...
High | Unreviewed | CVE-2024-6043 was published Jun 17, 2024

IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability caused by an...
High | Unreviewed | CVE-2024-27275 was published Jun 15, 2024

The FooEvents for WooCommerce plugin for WordPress is vulnerable to unauthorized arbitrary file...
High | Unreviewed | CVE-2024-6000 was published Jun 15, 2024

The tagDiv Composer plugin for WordPress is vulnerable to Local File Inclusion in all versions up...
High | Unreviewed | CVE-2024-3813 was published Jun 15, 2024

The Popup Builder plugin for WordPress is vulnerable to unauthorized modification of data and...
High | Unreviewed | CVE-2024-2544 was published Jun 15, 2024

The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for...
High | Unreviewed | CVE-2023-6696 was published Jun 15, 2024

A vulnerability was found in Guangdong Baolun Electronics IP Network Broadcasting Service...
High | Unreviewed | CVE-2024-6003 was published Jun 15, 2024

The Folders Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file...
High | Unreviewed | CVE-2024-2024 was published Jun 14, 2024

Snipe-IT allows users to promote or demote themselves or other users
High | CVE-2024-5685 was published for snipe/snipe-it (Composer) Jun 14, 2024

The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session....
High | Unreviewed | CVE-2024-5996 was published Jun 14, 2024

The specific function parameter of ASUS Download Master does not properly filter user input. An...
High | Unreviewed | CVE-2024-31162 was published Jun 14, 2024

Privilege escalation vulnerability in the AMS module Impact: Successful exploitation of this...
High | Unreviewed | CVE-2024-36500 was published Jun 14, 2024

ProTip! Advisories are also available from the GraphQL API