GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,084
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
240,683 advisories
A shell injection vulnerability was discovered in ROS2 (Robot Operating System 2) Humble...
Unknown | Unreviewed | CVE-2024-29443 was published Apr 11, 2024
An issue was discovered in ROS2 (Robot Operating System 2) Humble Hawksbill in ROS_VERSION 2 and...
Unknown | Unreviewed | CVE-2024-29445 was published Apr 11, 2024
A vulnerability was found in SourceCodester Warehouse Management System 1.0. It has been declared...
Moderate | Unreviewed | CVE-2024-3612 was published Apr 11, 2024
A vulnerability was found in SourceCodester Warehouse Management System 1.0. It has been rated as...
Moderate | Unreviewed | CVE-2024-3613 was published Apr 11, 2024
An unauthorized node injection vulnerability has been identified in ROS2 Humble Hawksbill in...
Unknown | Unreviewed | CVE-2024-29439 was published Apr 11, 2024
Summernote vulnerable to cross-site scripting
Moderate | CVE-2024-29504 was published for summernote (npm) Apr 11, 2024
SpiceDB: LookupSubjects may return partial results if a specific kind of relation is used
Low | CVE-2024-32001 was published for github.com/authzed/spicedb (Go) Apr 10, 2024
Evmos transaction execution not accounting for all state transition after interaction with precompiles
Critical | CVE-2024-32644 was published for github.com/evmos/evmos/v16 (Go) Apr 10, 2024
An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code...
Unknown | Unreviewed | CVE-2024-31819 was published Apr 10, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Soflyy Import any XML or CSV File to WordPress...
Moderate | Unreviewed | CVE-2024-31939 was published Apr 10, 2024
An issue in PX4 Autopilot v.1.14.0 allows an attacker to manipulate the flight path allowing for...
Unknown | Unreviewed | CVE-2024-29460 was published Apr 10, 2024
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor...
Moderate | Unreviewed | CVE-2024-31430 was published Apr 10, 2024
HTML injection vulnerability in Enpass Password Manager Desktop Client 6.9.2 for Windows and...
Unknown | Unreviewed | CVE-2024-26362 was published Apr 10, 2024
A flaw was found in FreeIPA. This issue may allow a remote attacker to craft a HTTP request with...
Moderate | Unreviewed | CVE-2024-1481 was published Apr 10, 2024
Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 allowed a remote attacker...
Unknown | Unreviewed | CVE-2024-3516 was published Apr 10, 2024
An issue in Secure Lockdown Multi Application Edition v2.00.219 allows attackers to read...
Unknown | Unreviewed | CVE-2024-29502 was published Apr 10, 2024
An issue in the kiosk mode of Secure Lockdown Multi Application Edition v2.00.219 allows...
Unknown | Unreviewed | CVE-2024-29500 was published Apr 10, 2024
An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary...
Unknown | Unreviewed | CVE-2024-29269 was published Apr 10, 2024
An Open Redirect vulnerability was found in Sipwise C5 NGCP Dashboard below mr11.5.1. The Open...
Unknown | Unreviewed | CVE-2024-28344 was published Apr 10, 2024
Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a...
Unknown | Unreviewed | CVE-2024-3157 was published Apr 10, 2024
Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to...
Unknown | Unreviewed | CVE-2024-3515 was published Apr 10, 2024
In the Linux kernel, the following vulnerability has been resolved: ALSA: gus: fix null pointer...
Unknown | Unreviewed | CVE-2021-47207 was published Apr 10, 2024
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Prevent dead...
Unknown | Unreviewed | CVE-2021-47209 was published Apr 10, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Hidekazu Ishikawa X-T9, Hidekazu Ishikawa...
Moderate | Unreviewed | CVE-2024-31386 was published Apr 10, 2024
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Update error...
Unknown | Unreviewed | CVE-2021-47212 was published Apr 10, 2024
ProTip! Advisories are also available from the GraphQL API.