GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
810 advisories
DataGear v5.0.0 and earlier was discovered to contain a SpEL (Spring Expression Language)...
Critical
Unreviewed
CVE-2024-37759
was published
Jun 24, 2024
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'...
Moderate
Unreviewed
CVE-2024-35728
was published
Jun 10, 2024
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'...
Moderate
Unreviewed
CVE-2024-35680
was published
Jun 10, 2024
The EmailGPT service contains a prompt injection vulnerability. The service uses an API service...
Moderate
Unreviewed
CVE-2024-5184
was published
Jun 5, 2024
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'...
Moderate
Unreviewed
CVE-2023-23738
was published
Jun 4, 2024
An arbitrary file upload vulnerability in the component \modstudent\controller.php of Pisay...
Critical
Unreviewed
CVE-2024-34919
was published
May 17, 2024
modules/Users/models/Module.php in Vtiger CRM 7.5.0 allows a remote authenticated attacker to run...
High
Unreviewed
CVE-2023-46304
was published
Apr 30, 2024
Mattermost Jira plugin versions shipped with Mattermost versions 8.1.x before 8.1.10, 9.2.x...
Moderate
Unreviewed
CVE-2024-2445
was published
Mar 15, 2024
This is a reflected cross site scripting vulnerability in the PaperCut NG/MF application server....
Moderate
Unreviewed
CVE-2024-1883
was published
Mar 14, 2024
This vulnerability allows an already authenticated admin user to create a malicious payload that...
High
Unreviewed
CVE-2024-1882
was published
Mar 14, 2024
An injection vulnerability has been reported to affect several QNAP operating system versions. If...
Moderate
Unreviewed
CVE-2024-21900
was published
Mar 8, 2024
An injection issue was addressed with improved input validation. This issue is fixed in macOS...
High
Unreviewed
CVE-2024-23268
was published
Mar 8, 2024
An injection issue was addressed with improved input validation. This issue is fixed in macOS...
High
Unreviewed
CVE-2024-23274
was published
Mar 8, 2024
Improper neutralization of special elements in output (CWE-74) used by the email generation...
Moderate
Unreviewed
CVE-2024-21838
was published
Mar 5, 2024
A vulnerability has been found in rahman SelectCours 1.0 and classified as problematic. Affected...
Moderate
Unreviewed
CVE-2024-2064
was published
Mar 1, 2024
Kaspersky has fixed a security issue in the Kaspersky Security 8.0 for Linux Mail Server. The...
Moderate
Unreviewed
CVE-2024-1619
was published
Feb 29, 2024
IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 could...
High
Unreviewed
CVE-2024-22319
was published
Feb 2, 2024
An issue in the cp_bbs_sig function in relic/src/cp/relic_cp_bbs.c of Relic relic-toolkit 0.6.0...
High
Unreviewed
CVE-2023-51939
was published
Feb 1, 2024
The ark-commenteditor WordPress plugin through 2.15.6 does not properly sanitise or encode the...
Moderate
Unreviewed
CVE-2021-4227
was published
Jan 16, 2024
Summary of Vulnerability
A template injection vulnerability on older versions of Confluence Data...
Critical
Unreviewed
CVE-2023-22527
was published
Jan 16, 2024
PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can...
High
Unreviewed
CVE-2023-42136
was published
Jan 15, 2024
PAX A920 device allows to downgrade bootloader due to a bug in its version check. The signature...
High
Unreviewed
CVE-2023-4818
was published
Jan 15, 2024
PAX A920Pro/A50 devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can allow...
Moderate
Unreviewed
CVE-2023-42135
was published
Jan 15, 2024
Intumit inc. SmartRobot's web framework has a remote code execution vulnerability. An unauthorized...
Critical
Unreviewed
CVE-2024-0552
was published
Jan 15, 2024
NVIDIA DGX A100 BMC contains a vulnerability where an attacker may cause an LDAP user injection....
Moderate
Unreviewed
CVE-2023-31025
was published
Jan 12, 2024
ProTip! Advisories are also available from the GraphQL API