GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
23,060 advisories
Filter by severity
Gradio allows users to access arbitrary files
Critical
GHSA-m842-4qm8-7gpq
was published
for
gradio
(pip)
Sep 25, 2024
TouchLink packets processed after timeout or out of range due to Operation on a Resource after...
Critical
Unreviewed
CVE-2023-41094
was published
Oct 4, 2023
Heap-based Buffer Overflow in sqlite-vec
Critical
CVE-2024-46488
was published
for
sqlite-vec
(RubyGems)
Sep 25, 2024
A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser...
Critical
Unreviewed
CVE-2024-34026
was published
Sep 18, 2024
This vulnerability exists in Apex Softcell LD Geo due to missing restrictions for excessive...
Critical
Unreviewed
CVE-2024-47088
was published
Sep 19, 2024
SAP NetWeaver Administrator AS Java (Administrator Log Viewer plug-in) - version 7.50, allows an...
Critical
Unreviewed
CVE-2024-22127
was published
Mar 12, 2024
Incorrect access control in the User Registration page of Crypto Currency Tracker (CCT) before v9...
Critical
Unreviewed
CVE-2023-37759
was published
Sep 8, 2023
Apache Submarine Server Core Incorrect Authorization vulnerability
Critical
CVE-2024-36265
was published
for
apache-submarine
(Maven)
Jun 12, 2024
Agnai vulnerable to Remote Code Execution via JS Upload using Directory Traversal
Critical
CVE-2024-47169
was published
for
agnai
(npm)
Sep 26, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-5958
was published
Sep 18, 2024
The device enables an unauthorized attacker to execute system commands with elevated privileges....
Critical
Unreviewed
CVE-2024-9166
was published
Sep 26, 2024
An issue was discovered on ARRIS TG852G, TG862G, and TG1672G devices. A remote attacker (in...
Critical
Unreviewed
CVE-2023-40039
was published
Sep 11, 2023
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Critical
Unreviewed
CVE-2024-5959
was published
Sep 18, 2024
The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass...
Critical
Unreviewed
CVE-2024-8277
was published
Sep 11, 2024
The Jupiter X Core plugin for WordPress is vulnerable to arbitrary file uploads due to a...
Critical
Unreviewed
CVE-2024-7772
was published
Sep 26, 2024
NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU)...
Critical
Unreviewed
CVE-2024-0132
was published
Sep 26, 2024
An issue was discovered in linqi before 1.4.0.1 on Windows. There is LDAP injection.
Critical
Unreviewed
CVE-2024-33868
was published
May 14, 2024
SQL Injection vulnerability in DerbyNet v9.0 allows a remote attacker to execute arbitrary code...
Critical
Unreviewed
CVE-2024-30922
was published
Apr 18, 2024
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote...
Critical
Unreviewed
CVE-2024-7024
was published
Sep 24, 2024
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business...
Critical
Unreviewed
CVE-2022-21587
was published
Oct 19, 2022
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Critical
Unreviewed
CVE-2024-6877
was published
Sep 18, 2024
eladmin v2.7 and before is vulnerable to Server-Side Request Forgery (SSRF) which allows an...
Critical
Unreviewed
CVE-2024-44677
was published
Sep 10, 2024
A remote authentication bypass issue exists in some
OneView APIs.
Critical
Unreviewed
CVE-2023-30909
was published
Sep 14, 2023
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component:...
Critical
Unreviewed
CVE-2021-35587
was published
Jan 20, 2022
An issue in Notion for macOS version 3.1.0 and before, allows remote attackers to execute...
Critical
Unreviewed
CVE-2024-23743
was published
Jan 28, 2024
ProTip!
Advisories are also available from the
GraphQL API