Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,458
Erlang
29
GitHub Actions
16
Go
1,691
Maven
4,934
npm
3,466
NuGet
601
pip
2,971
Pub
10
RubyGems
825
Rust
767
Swift
34
Unreviewed advisories
All unreviewed
5,000+

92,430 advisories

The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to unauthorized... High Unreviewed
CVE-2024-4010 was published May 15, 2024
The Alt Text AI – Automatically generate image alt text for SEO and accessibility plugin for... High Unreviewed
CVE-2024-4847 was published May 15, 2024
There is an arbitrary file deletion vulnerability in the CLI service accessed by PAPI (Aruba's... High Unreviewed
CVE-2024-31474 was published May 15, 2024
Multiple authenticated command injection vulnerabilities exist in the command line interface.... High Unreviewed
CVE-2024-31476 was published May 15, 2024
There is an arbitrary file deletion vulnerability in the Central Communications service accessed... High Unreviewed
CVE-2024-31475 was published May 15, 2024
Multiple authenticated command injection vulnerabilities exist in the command line interface.... High Unreviewed
CVE-2024-31477 was published May 15, 2024
Improper Privilege Management vulnerability in Teplitsa of social technologies Leyka allows... High Unreviewed
CVE-2023-33327 was published May 15, 2024
Grafana folders admin only permission privilege escalation High
CVE-2022-36062 was published for github.com/grafana/grafana (Go) May 14, 2024
Grafana account takeover via OAuth vulnerability High
CVE-2022-31107 was published for github.com/grafana/grafana (Go) May 14, 2024
Grafana Stored Cross-site Scripting in Unified Alerting High
CVE-2022-31097 was published for github.com/grafana/grafana (Go) May 14, 2024
The Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains an Improper Input... High Unreviewed
CVE-2024-3676 was published May 14, 2024
An authenticated local attacker who successfully exploited this vulnerability could insert and... High Unreviewed
CVE-2024-2637 was published May 14, 2024
Improper DLL loading algorithms in B&R Automation Studio may allow an authenticated local... High Unreviewed
CVE-2021-22280 was published May 14, 2024
dotmesh arbitrary file read and/or write High
CVE-2020-26312 was published for github.com/dotmesh-io/dotmesh (Go) May 14, 2024
OctoPrint has an Authentication Bypass via X-Forwarded-For Header when autologinLocal is enabled High
CVE-2024-32977 was published for OctoPrint (pip) May 14, 2024
jacopotediosi
Dynamics 365 Customer Insights Spoofing Vulnerability High Unreviewed
CVE-2024-30048 was published May 14, 2024
Windows DWM Core Library Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-30051 was published May 14, 2024
Elevation of privilege vulnerability in GE HealthCare EchoPAC products High Unreviewed
CVE-2024-27110 was published May 14, 2024
Dynamics 365 Customer Insights Spoofing Vulnerability High Unreviewed
CVE-2024-30047 was published May 14, 2024
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-30049 was published May 14, 2024
A client-side enforcement of server-side security in Fortinet FortiSandbox version 4.4.0 through... High Unreviewed
CVE-2024-31491 was published May 14, 2024
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability High Unreviewed
CVE-2024-30015 was published May 14, 2024
Windows Hyper-V Remote Code Execution Vulnerability High Unreviewed
CVE-2024-30017 was published May 14, 2024
Win32k Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-30028 was published May 14, 2024
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability High Unreviewed
CVE-2024-30014 was published May 14, 2024
ProTip! Advisories are also available from the GraphQL API