GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,748
Maven
4,978
npm
3,509
NuGet
609
pip
3,075
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+
5,896 advisories
Filter by severity
Symfony has a security issue when parsing the Authorization header
Moderate
CVE-2014-6061
was published
for
symfony/http-foundation
(Composer)
May 30, 2024
In the Linux kernel, the following vulnerability has been resolved:
ipv4: check for NULL idev in...
Moderate
Unreviewed
CVE-2024-36008
was published
May 20, 2024
A vulnerability has been found in Campcodes Complete Web-Based School Management System 1.0 and...
Moderate
Unreviewed
CVE-2024-5109
was published
May 20, 2024
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has...
Moderate
Unreviewed
CVE-2024-4527
was published
May 6, 2024
In the Linux kernel, the following vulnerability has been resolved:
RDMA/srp: Set scmnd->result...
Moderate
Unreviewed
CVE-2022-48692
was published
May 3, 2024
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: Prevent deadlock...
Moderate
Unreviewed
CVE-2024-27014
was published
May 1, 2024
In the Linux kernel, the following vulnerability has been resolved:
mm/memory-failure: fix...
Moderate
Unreviewed
CVE-2024-26987
was published
May 1, 2024
A vulnerability was reported
in a system recovery bootloader that was part of the Lenovo...
Moderate
Unreviewed
CVE-2024-23593
was published
Apr 15, 2024
A buffer overflow vulnerability was reported
in a system recovery bootloader that was part of...
Moderate
Unreviewed
CVE-2024-23594
was published
Apr 15, 2024
A vulnerability was found in namithjawahar Wp-Insert up to 2.0.8 and classified as problematic....
Moderate
Unreviewed
CVE-2014-125111
was published
Apr 8, 2024
A vulnerability has been found in wp-file-upload Plugin up to 2.4.3 on WordPress and classified...
Moderate
Unreviewed
CVE-2014-125110
was published
Apr 1, 2024
A vulnerability was found in Campcodes Online Job Finder System 1.0. It has been classified as...
Moderate
Unreviewed
CVE-2024-2679
was published
Mar 20, 2024
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: Wrap the tx...
Moderate
Unreviewed
CVE-2021-46931
was published
Feb 27, 2024
In the Linux kernel, the following vulnerability has been resolved:
apparmor: avoid crash when...
Moderate
Unreviewed
CVE-2023-52443
was published
Feb 22, 2024
A vulnerability was found in Kashipara Food Management System up to 1.0. It has been classified...
Moderate
Unreviewed
CVE-2024-0282
was published
Jan 7, 2024
[This CNA information record relates to multiple CVEs; the
text explains which aspects...
Moderate
Unreviewed
CVE-2023-34327
was published
Jan 5, 2024
[This CNA information record relates to multiple CVEs; the
text explains which aspects...
Moderate
Unreviewed
CVE-2023-34328
was published
Jan 5, 2024
A cross-site scripting (XSS) vulnerability in the component admin_ Video.php of SeaCMS v12.8...
Moderate
Unreviewed
CVE-2023-50470
was published
Dec 28, 2023
A vulnerability was found in BestWebSoft Portfolio Plugin up to 2.27. It has been declared as...
Moderate
Unreviewed
CVE-2014-125109
was published
Dec 26, 2023
Corveda PHPSandbox Protection Mechanism Failure vulnerability
Moderate
CVE-2014-125107
was published
for
corveda/phpsandbox
(Composer)
Dec 19, 2023
Cross Site Scripting in evershop
Moderate
CVE-2023-46494
was published
for
@evershop/evershop
(npm)
Dec 8, 2023
A vulnerability, which was classified as critical, has been found in Campcodes Beauty Salon...
Moderate
Unreviewed
CVE-2023-3882
was published
Jul 25, 2023
Statamic's Antlers sanitizer cannot effectively sanitize malicious SVG
Moderate
CVE-2023-36828
was published
for
statamic/cms
(Composer)
Jul 6, 2023
A vulnerability was found in VaultPress Plugin up to 1.6.0 on WordPress. It has been declared as...
Moderate
Unreviewed
CVE-2014-125104
was published
Jun 1, 2023
A vulnerability classified as problematic was found in Bestwebsoft Relevant Plugin up to 1.0.7 on...
Moderate
Unreviewed
CVE-2014-125102
was published
May 30, 2023
ProTip!
Advisories are also available from the
GraphQL API