GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
49 advisories
An excessive memory use issue (CWE-770) exists in Email-MIME, before version 1.954, which can...
Severity: High | Unreviewed | CVE-2024-4140 was published on May 2, 2024

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when...
Severity: Unknown | Unreviewed | CVE-2024-27080 was published on May 1, 2024

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after...
Severity: Unknown | Unreviewed | CVE-2024-26944 was published on May 1, 2024

The server in Circontrol Raption through 5.11.2 has a pre-authentication stack-based buffer...
Severity: Unknown | Unreviewed | CVE-2020-8006 was published on Apr 12, 2024

Apache Zeppelin remote code execution by adding malicious JDBC connection string
Severity: Critical | CVE-2024-31864 was published for org.apache.zeppelin:zeppelin-jdbc (Maven) on Apr 9, 2024

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after...
Severity: Unknown | Unreviewed | CVE-2024-26656 was published on Apr 2, 2024

In the Linux kernel, the following vulnerability has been resolved: drm/sched: fix null-ptr...
Severity: Unknown | Unreviewed | CVE-2024-26657 was published on Apr 2, 2024

This vulnerability allows access to arbitrary files in the application server file system due to...
Severity: Critical | Unreviewed | CVE-2024-2227 was published on Mar 22, 2024

A vulnerability, which was classified as problematic, was found in Campcodes Online Job Finder...
Severity: Moderate | Unreviewed | CVE-2024-2685 was published on Mar 20, 2024

Bypassing Rate Limit and Brute Force Protection Using Cache Overflow
Severity: Moderate | CVE-2024-21662 was published for github.com/argoproj/argo-cd/v2 (Go) on Mar 18, 2024

Bypassing Brute Force Protection via Application Crash and In-Memory Data Loss
Severity: Moderate | CVE-2024-21652 was published for github.com/argoproj/argo-cd/v2 (Go) on Mar 18, 2024

In the Linux kernel, the following vulnerability has been resolved: llc: Drop support for...
Severity: Unknown | Unreviewed | CVE-2024-26635 was published on Mar 18, 2024

The Calculated Fields Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Severity: High | Unreviewed | CVE-2024-2020 was published on Mar 13, 2024

An issue in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to...
Severity: Unknown | Unreviewed | CVE-2024-24278 was published on Mar 6, 2024

Cross Site Scripting vulnerability in Teamwire Windows desktop client v.2.0.1 through v.2.4.0...
Severity: Unknown | Unreviewed | CVE-2024-24275 was published on Mar 6, 2024

Cross Site Scripting (XSS) vulnerability in Teamwire Windows desktop client v.2.0.1 through v.2.4...
Severity: Unknown | Unreviewed | CVE-2024-24276 was published on Mar 6, 2024

Use of a hard-coded password for a special database account created during Comarch ERP XL...
Severity: High | Unreviewed | CVE-2023-4539 was published on Feb 15, 2024

The database access credentials configured during installation are stored in a special table, and...
Severity: Moderate | Unreviewed | CVE-2023-4538 was published on Feb 15, 2024

Comarch ERP XL client is vulnerable to MS SQL protocol downgrade request from a server side, what...
Severity: High | Unreviewed | CVE-2023-4537 was published on Feb 15, 2024

BIG-IP or BIG-IQ Resource Administrators and Certificate Managers who have access to the secure...
Severity: Moderate | Unreviewed | CVE-2024-21782 was published on Feb 14, 2024

TYPO3 Install Tool vulnerable to Code Execution
Severity: High | CVE-2024-22188 was published for typo3/cms-core (Composer) on Feb 13, 2024

CloudLinux CageFS 7.1.1-1 or below passes the authentication token as command line argument. In...
Severity: High | Unreviewed | CVE-2020-36771 was published on Jan 22, 2024

CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to the sendmail...
Severity: Moderate | Unreviewed | CVE-2020-36772 was published on Jan 22, 2024

A vulnerability, which was classified as critical, has been found in ForU CMS up to 2020-06-23....
Severity: Moderate | Unreviewed | CVE-2024-0729 was published on Jan 19, 2024

A vulnerability classified as problematic was found in ForU CMS up to 2020-06-23. Affected by...
Severity: Moderate | Unreviewed | CVE-2024-0728 was published on Jan 19, 2024

ProTip! Advisories are also available from the GraphQL API.