GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,971
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,091
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
100,351 advisories
A vulnerability was found in itsourcecode Farm Management System 1.0. It has been declared as...
Moderate | Unreviewed | CVE-2024-6453 was published Jul 3, 2024

Incorrect handling of certain string inputs may result in MongoDB Rust driver constructing...
Moderate | Unreviewed | CVE-2024-6382 was published Jul 2, 2024

A vulnerability classified as critical was found in linlinjava litemall up to 1.8.0. Affected by...
Moderate | Unreviewed | CVE-2024-6452 was published Jul 2, 2024

The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer...
Moderate | Unreviewed | CVE-2024-6381 was published Jul 2, 2024

Vulnerability in Delinea Centrify PAS v. 21.3 and possibly others. The application is prone to...
Moderate | Unreviewed | CVE-2024-5866 was published Jul 2, 2024

In the Twilio Authy API, accessed by Authy Android before 25.1.0 and Authy iOS before 26.1.0, an...
Moderate | Unreviewed | CVE-2024-39891 was published Jul 2, 2024

A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0 and...
Moderate | Unreviewed | CVE-2024-6439 was published Jul 2, 2024

Under certain circumstances unnecessary user details are provided within system logs
Moderate | Unreviewed | CVE-2024-32757 was published Jul 2, 2024

The Post Meta Data Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate | Unreviewed | CVE-2024-6264 was published Jul 2, 2024

The Ultimate Blocks – WordPress Blocks Plugin plugin for WordPress is vulnerable to Stored Cross...
Moderate | Unreviewed | CVE-2024-4268 was published Jul 2, 2024

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized user...
Moderate | Unreviewed | CVE-2024-6088 was published Jul 2, 2024

Under certain circumstances the Linux users credentials may be recovered by an authenticated user.
Moderate | Unreviewed | CVE-2024-32756 was published Jul 2, 2024

A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0. It has...
Moderate | Unreviewed | CVE-2024-6440 was published Jul 2, 2024

A vulnerability has been found in Hitout Carsale 1.0 and classified as critical. This...
Moderate | Unreviewed | CVE-2024-6438 was published Jul 2, 2024

A vulnerability was found in ORIPA up to 1.72. It has been declared as critical. Affected by this...
Moderate | Unreviewed | CVE-2024-6441 was published Jul 2, 2024

Under certain circumstances the web interface users credentials may be recovered by an...
Moderate | Unreviewed | CVE-2024-32932 was published Jul 2, 2024

Improper authentication in MTP application prior to SMR Jul-2024 Release 1 allows local attackers...
Moderate | Unreviewed | CVE-2024-20900 was published Jul 2, 2024

Improper access control in KnoxCustomManagerService prior to SMR Jul-2024 Release 1 allows local...
Moderate | Unreviewed | CVE-2024-34586 was published Jul 2, 2024

Improper access control in system property prior to SMR Jul-2024 Release 1 allows local attackers...
Moderate | Unreviewed | CVE-2024-34583 was published Jul 2, 2024

Improper input validation in parsing RTCP SR packet in librtp.so prior to SMR Jul-2024 Release 1...
Moderate | Unreviewed | CVE-2024-34588 was published Jul 2, 2024

Improper input validation in parsing an item type from RTCP SDES packet in librtp.so prior to SMR...
Moderate | Unreviewed | CVE-2024-34590 was published Jul 2, 2024

Improper input validation in parsing an item data from RTCP SDES packet in librtp.so prior to SMR...
Moderate | Unreviewed | CVE-2024-34591 was published Jul 2, 2024

Use of implicit intent for sensitive communication in RCS function in IMS service prior to SMR...
Moderate | Unreviewed | CVE-2024-20899 was published Jul 2, 2024

Improper input validation in copying data to buffer cache in libsaped prior to SMR Jul-2024...
Moderate | Unreviewed | CVE-2024-20901 was published Jul 2, 2024

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthenticated...
Moderate | Unreviewed | CVE-2024-6099 was published Jul 2, 2024
ProTip! Advisories are also available from the GraphQL API.