GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,905
Composer 4,049
Erlang 29
GitHub Actions 18
Go 1,871
Maven 5,069
npm 3,597
NuGet 638
pip 3,198
Pub 10
RubyGems 852
Rust 809
Swift 35

Unreviewed advisories

All unreviewed 226,824

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

748 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability was found in HM Courts & Tribunals Service Probate Back Office up to... Moderate Unreviewed

CVE-2024-8367 was published Sep 1, 2024

A host header injection vulnerability exists in the forgot password functionality of ArrowCMS... Critical Unreviewed

CVE-2024-42914 was published Aug 23, 2024

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to... Moderate Unreviewed

CVE-2024-31882 was published Aug 14, 2024

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000... Critical Unreviewed

CVE-2024-39227 was published Aug 6, 2024

stitionai/devika main branch as of commit cdfb782b0e634b773b10963c8034dc9207ba1f9f is vulnerable... High Unreviewed

CVE-2024-6331 was published Aug 4, 2024

A CRLF injection vulnerability in E-Staff v5.1 allows attackers to insert Carriage Return (CR)... Critical Unreviewed

CVE-2024-40324 was published Jul 25, 2024

A vulnerability in the web-based management interface of Cisco AsyncOS for Secure Email Gateway... Moderate Unreviewed

CVE-2024-20429 was published Jul 17, 2024

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'... Moderate Unreviewed

CVE-2024-38700 was published Jul 12, 2024

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'... Low Unreviewed

CVE-2024-37253 was published Jul 9, 2024

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'... Low Unreviewed

CVE-2024-35777 was published Jul 9, 2024

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'... Low Unreviewed

CVE-2024-37442 was published Jul 9, 2024

A vulnerability was found in playSMS 1.4.3. It has been rated as problematic. Affected by this... Moderate Unreviewed

CVE-2024-6470 was published Jul 3, 2024

A vulnerability was found in playSMS 1.4.3. It has been declared as problematic. Affected by this... Moderate Unreviewed

CVE-2024-6469 was published Jul 3, 2024

Soft Circle French-Bread Melty Blood: Actress Again: Current Code through 1.07 Rev. 1.4.0 allows... Critical Unreviewed

CVE-2024-39704 was published Jul 3, 2024

DataGear v5.0.0 and earlier was discovered to contain a SpEL (Spring Expression Language)... Critical Unreviewed

CVE-2024-37759 was published Jun 24, 2024

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'... Moderate Unreviewed

CVE-2024-35680 was published Jun 10, 2024

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'... Moderate Unreviewed

CVE-2024-35728 was published Jun 10, 2024

The EmailGPT service contains a prompt injection vulnerability. The service uses an API service... Moderate Unreviewed

CVE-2024-5184 was published Jun 5, 2024

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'... Moderate Unreviewed

CVE-2023-23738 was published Jun 4, 2024

An arbitrary file upload vulnerability in the component \modstudent\controller.php of Pisay... Critical Unreviewed

CVE-2024-34919 was published May 17, 2024

modules/Users/models/Module.php in Vtiger CRM 7.5.0 allows a remote authenticated attacker to run... High Unreviewed

CVE-2023-46304 was published Apr 30, 2024

Mattermost Jira plugin versions shipped with Mattermost versions 8.1.x before 8.1.10, 9.2.x... Moderate Unreviewed

CVE-2024-2445 was published Mar 15, 2024

This is a reflected cross site scripting vulnerability in the PaperCut NG/MF application server.... Moderate Unreviewed

CVE-2024-1883 was published Mar 14, 2024

This vulnerability allows an already authenticated admin user to create a malicious payload that... High Unreviewed

CVE-2024-1882 was published Mar 14, 2024

An injection vulnerability has been reported to affect several QNAP operating system versions. If... Moderate Unreviewed

CVE-2024-21900 was published Mar 8, 2024

Previous 1 2 3 4 5 … 29 30 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

748 advisories