Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,971
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,091
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

100,351 advisories

Loading
A vulnerability was found in itsourcecode Farm Management System 1.0. It has been declared as... Moderate Unreviewed
CVE-2024-6453 was published Jul 3, 2024
Incorrect handling of certain string inputs may result in MongoDB Rust driver constructing... Moderate Unreviewed
CVE-2024-6382 was published Jul 2, 2024
A vulnerability classified as critical was found in linlinjava litemall up to 1.8.0. Affected by... Moderate Unreviewed
CVE-2024-6452 was published Jul 2, 2024
The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer... Moderate Unreviewed
CVE-2024-6381 was published Jul 2, 2024
Vulnerability in Delinea Centrify PAS v. 21.3 and possibly others. The application is prone to... Moderate Unreviewed
CVE-2024-5866 was published Jul 2, 2024
In the Twilio Authy API, accessed by Authy Android before 25.1.0 and Authy iOS before 26.1.0, an... Moderate Unreviewed
CVE-2024-39891 was published Jul 2, 2024
A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0 and... Moderate Unreviewed
CVE-2024-6439 was published Jul 2, 2024
Under certain circumstances unnecessary user details are provided within system logs Moderate Unreviewed
CVE-2024-32757 was published Jul 2, 2024
The Post Meta Data Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-6264 was published Jul 2, 2024
The Ultimate Blocks – WordPress Blocks Plugin plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2024-4268 was published Jul 2, 2024
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized user... Moderate Unreviewed
CVE-2024-6088 was published Jul 2, 2024
Under certain circumstances the Linux users credentials may be recovered by an authenticated user. Moderate Unreviewed
CVE-2024-32756 was published Jul 2, 2024
A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0. It has... Moderate Unreviewed
CVE-2024-6440 was published Jul 2, 2024
A vulnerability has been found in Hitout Carsale 1.0 and classified as critical. This... Moderate Unreviewed
CVE-2024-6438 was published Jul 2, 2024
A vulnerability was found in ORIPA up to 1.72. It has been declared as critical. Affected by this... Moderate Unreviewed
CVE-2024-6441 was published Jul 2, 2024
Under certain circumstances the web interface users credentials may be recovered by an... Moderate Unreviewed
CVE-2024-32932 was published Jul 2, 2024
Improper authentication in MTP application prior to SMR Jul-2024 Release 1 allows local attackers... Moderate Unreviewed
CVE-2024-20900 was published Jul 2, 2024
Improper access control in KnoxCustomManagerService prior to SMR Jul-2024 Release 1 allows local... Moderate Unreviewed
CVE-2024-34586 was published Jul 2, 2024
Improper access control in system property prior to SMR Jul-2024 Release 1 allows local attackers... Moderate Unreviewed
CVE-2024-34583 was published Jul 2, 2024
Improper input validation?in parsing RTCP SR packet in librtp.so prior to SMR Jul-2024 Release 1... Moderate Unreviewed
CVE-2024-34588 was published Jul 2, 2024
Improper input validation?in parsing an item type from RTCP SDES packet in librtp.so prior to SMR... Moderate Unreviewed
CVE-2024-34590 was published Jul 2, 2024
Improper input validation in parsing an item data from RTCP SDES packet in librtp.so prior to SMR... Moderate Unreviewed
CVE-2024-34591 was published Jul 2, 2024
Use of implicit intent for sensitive communication in RCS function in IMS service prior to SMR... Moderate Unreviewed
CVE-2024-20899 was published Jul 2, 2024
Improper input validation in copying data to buffer cache in libsaped prior to SMR Jul-2024... Moderate Unreviewed
CVE-2024-20901 was published Jul 2, 2024
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthenticated... Moderate Unreviewed
CVE-2024-6099 was published Jul 2, 2024
ProTip! Advisories are also available from the GraphQL API