Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

99,601 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in GentleSource Appointmind allows Stored XSS... High Unreviewed
CVE-2024-51679 was published Nov 15, 2024
Cross-Site Request Forgery (CSRF) vulnerability in GeekRMX Twitter @Anywhere Plus allows Stored... High Unreviewed
CVE-2024-51659 was published Nov 15, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Henrik Hoff WP Course Manager allows Stored... High Unreviewed
CVE-2024-51658 was published Nov 15, 2024
Unauthorized access vulnerability in the mobile application (com.transsion.phoenix) can lead to... High Unreviewed
CVE-2024-11206 was published Nov 14, 2024
Symfony has an Authentication Bypass via RememberMe High
CVE-2024-51996 was published for symfony/security-http (Composer) Nov 13, 2024
jderusse m0xr4
stof
Duplicate Advisory: .NET and Visual Studio Denial of Service Vulnerability High
GHSA-wmm6-pgp8-29hg was published for System.Formats.Nrbf (NuGet) Nov 12, 2024 withdrawn
Remote Code Execution on click of <a> Link in markdown preview High
CVE-2024-49362 was published for joplin (npm) Nov 14, 2024
jackfromeast
Restarting a run with revoked script approval allowed by Jenkins Pipeline: Declarative Plugin High
CVE-2024-52551 was published for org.jenkinsci.plugins:pipeline-model-parent (Maven) Nov 13, 2024
Stored XSS vulnerability in Jenkins Authorize Project Plugin High
CVE-2024-52552 was published for org.jenkins-ci.plugins:authorize-project (Maven) Nov 13, 2024
A race condition in Ivanti Secure Access Client before version 22.7R4 allows a local... High Unreviewed
CVE-2024-29211 was published Nov 13, 2024
In multiple functions in AppInfoBase.java, there is a possible way to manipulate app permission... High Unreviewed
CVE-2024-43088 was published Nov 13, 2024
Valid Host header field can cause Apache Traffic Server to crash on some platforms. This issue... High Unreviewed
CVE-2024-50305 was published Nov 14, 2024
Vulnerability of improper permission control in the window management module. Impact: Successful... High Unreviewed
CVE-2023-52713 was published Apr 7, 2024
Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability. High Unreviewed
CVE-2022-21932 was published Jan 12, 2022
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. This CVE ID is... High Unreviewed
CVE-2022-21914 was published Jan 12, 2022
Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique... High Unreviewed
CVE-2022-21916 was published Jan 12, 2022
Windows Kerberos Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-21920 was published Jan 12, 2022
HEVC Video Extensions Remote Code Execution Vulnerability. High Unreviewed
CVE-2022-21917 was published Jan 12, 2022
Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE... High Unreviewed
CVE-2022-21919 was published Jan 12, 2022
Remote Procedure Call Runtime Remote Code Execution Vulnerability. High Unreviewed
CVE-2022-21922 was published Jan 12, 2022
Windows Storage Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-21875 was published Jan 12, 2022
Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21882. High Unreviewed
CVE-2022-21887 was published Jan 12, 2022
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. This CVE ID is... High Unreviewed
CVE-2022-21885 was published Jan 12, 2022
Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability. High Unreviewed
CVE-2022-21891 was published Jan 12, 2022
Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE... High Unreviewed
CVE-2022-21896 was published Jan 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database