Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,965
Erlang
29
GitHub Actions
16
Go
1,747
Maven
4,975
npm
3,507
NuGet
609
pip
3,072
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

93,385 advisories

Loading
A vulnerability, which was classified as critical, has been found in itsourcecode Simple Online... High Unreviewed
CVE-2024-6116 was published Jun 18, 2024
IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0... High Unreviewed
CVE-2023-47726 was published Jun 18, 2024
A vulnerability was found in itsourcecode Magbanua Beach Resort Online Reservation System up to 1... High Unreviewed
CVE-2024-6110 was published Jun 18, 2024
The vCenter Server contains multiple local privilege escalation vulnerabilities due to... High Unreviewed
CVE-2024-37081 was published Jun 18, 2024
The Business Directory Plugin plugin for WordPress is vulnerable to CSV Injection in versions up... High Unreviewed
CVE-2023-5527 was published Jun 18, 2024
A vulnerability classified as critical was found in Intelbras InControl 2.21.56. This... High Unreviewed
CVE-2024-6080 was published Jun 18, 2024
Rancher does not automatically clean up a user deleted or disabled from the configured Authentication Provider High
CVE-2023-22650 was published for github.com/rancher/rancher (Go) Jun 17, 2024
A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as... High Unreviewed
CVE-2024-6065 was published Jun 17, 2024
STRIMZI incorrect access control High
CVE-2024-36543 was published for io.strimzi:strimzi (Maven) Jun 17, 2024
LNbits improperly handles potential network and payment failures when using Eclair backend High
CVE-2024-34694 was published for lnbits (pip) Jun 17, 2024
Semisol fishcakeday
ws affected by a DoS when handling a request with many HTTP headers High
CVE-2024-37890 was published for ws (npm) Jun 17, 2024
rrlapointe
DLL Hijacking vulnerability has been found in CENTUM CAMS Log server provided by Yokogawa... High Unreviewed
CVE-2024-5650 was published Jun 17, 2024
Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor.... High Unreviewed
CVE-2024-6045 was published Jun 17, 2024
A vulnerability classified as critical has been found in SourceCodester Best House Rental... High Unreviewed
CVE-2024-6043 was published Jun 17, 2024
IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability caused by an... High Unreviewed
CVE-2024-27275 was published Jun 15, 2024
The FooEvents for WooCommerce plugin for WordPress is vulnerable to unauthorized arbitrary file... High Unreviewed
CVE-2024-6000 was published Jun 15, 2024
The tagDiv Composer plugin for WordPress is vulnerable to Local File Inclusion in all versions up... High Unreviewed
CVE-2024-3813 was published Jun 15, 2024
The Popup Builder plugin for WordPress is vulnerable to unauthorized modification of data and... High Unreviewed
CVE-2024-2544 was published Jun 15, 2024
The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for... High Unreviewed
CVE-2023-6696 was published Jun 15, 2024
A vulnerability was found in Guangdong Baolun Electronics IP Network Broadcasting Service... High Unreviewed
CVE-2024-6003 was published Jun 15, 2024
The Folders Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... High Unreviewed
CVE-2024-2024 was published Jun 14, 2024
Snipe-IT allows users to promote or demote themselves or other users High
CVE-2024-5685 was published for snipe/snipe-it (Composer) Jun 14, 2024
The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session.... High Unreviewed
CVE-2024-5996 was published Jun 14, 2024
The specific function parameter of ASUS Download Master does not properly filter user input. An... High Unreviewed
CVE-2024-31162 was published Jun 14, 2024
Privilege escalation vulnerability in the AMS module Impact: Successful exploitation of this... High Unreviewed
CVE-2024-36500 was published Jun 14, 2024
ProTip! Advisories are also available from the GraphQL API