GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,084
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
18,799 advisories
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Critical
Unreviewed
CVE-2024-30080
was published
Jun 11, 2024
vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway that if exploited an attacker...
Critical
Unreviewed
CVE-2024-2012
was published
Jun 11, 2024
An authentication bypass vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway...
Critical
Unreviewed
CVE-2024-2013
was published
Jun 11, 2024
A vulnerability has been identified in PowerSys (All versions < V3.11). The affected application...
Critical
Unreviewed
CVE-2024-36266
was published
Jun 11, 2024
The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to SQL...
Critical
Unreviewed
CVE-2024-3549
was published
Jun 11, 2024
Hard-coded JWT secret allows authentication bypass in Veeam Recovery Orchestrator
Critical
Unreviewed
CVE-2024-29855
was published
Jun 11, 2024
Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Arbitrary file deletion...
Critical
Unreviewed
CVE-2024-32167
was published
Jun 10, 2024
GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1...
Critical
Unreviewed
CVE-2024-37051
was published
Jun 10, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Asghar Hatampoor BuddyPress...
Critical
Unreviewed
CVE-2024-35746
was published
Jun 10, 2024
SeaCMS 12.9 has a file deletion vulnerability via admin_template.php.
Critical
Unreviewed
CVE-2024-31611
was published
Jun 10, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical
Unreviewed
CVE-2024-35677
was published
Jun 10, 2024
Vulnerability discovered by executing a planned security audit. Improper Limitation of a...
Critical
Unreviewed
CVE-2024-34762
was published
Jun 10, 2024
Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive...
Critical
Unreviewed
CVE-2024-3699
was published
Jun 10, 2024
Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive...
Critical
Unreviewed
CVE-2024-1228
was published
Jun 10, 2024
Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive...
Critical
Unreviewed
CVE-2024-3700
was published
Jun 10, 2024
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache...
Critical
Unreviewed
CVE-2024-4577
was published
Jun 9, 2024
Missing Authorization vulnerability in UkrSolution Barcode Scanner with Inventory & Order Manager...
Critical
Unreviewed
CVE-2024-33565
was published
Jun 9, 2024
Missing Authorization vulnerability in Bricksforge. This issue affects Bricksforge: from n/a...
Critical
Unreviewed
CVE-2024-31244
was published
Jun 9, 2024
Sourcecodester Pharmacy/Medical Store Point of Sale System 1.0 is vulnerable to SQL Injection via...
Critical
Unreviewed
CVE-2024-36673
was published
Jun 7, 2024
The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin for WordPress...
Critical
Unreviewed
CVE-2024-3592
was published
Jun 7, 2024
In lunary-ai/lunary version 1.2.2, a business logic error allows users to bypass the intended...
Critical
Unreviewed
CVE-2024-5132
was published
Jun 6, 2024
A remote code execution (RCE) vulnerability exists in the '/install_extension' endpoint of the...
Critical
Unreviewed
CVE-2024-4320
was published
Jun 6, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the upload link feature of mintplex...
Critical
Unreviewed
CVE-2024-3149
was published
Jun 6, 2024
An Insecure Direct Object Reference (IDOR) vulnerability was identified in lunary-ai/lunary,...
Critical
Unreviewed
CVE-2024-5128
was published
Jun 6, 2024
A vulnerability in the PyTorch's torch.distributed.rpc framework, specifically in versions prior...
Critical
Unreviewed
CVE-2024-5480
was published
Jun 6, 2024