Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

240,683 advisories

Loading
A shell injection vulnerability was discovered in ROS2 (Robot Operating System 2) Humble... Unknown Unreviewed
CVE-2024-29443 was published Apr 11, 2024
An issue was discovered in ROS2 (Robot Operating System 2) Humble Hawksbill in ROS_VERSION 2 and... Unknown Unreviewed
CVE-2024-29445 was published Apr 11, 2024
A vulnerability was found in SourceCodester Warehouse Management System 1.0. It has been declared... Moderate Unreviewed
CVE-2024-3612 was published Apr 11, 2024
A vulnerability was found in SourceCodester Warehouse Management System 1.0. It has been rated as... Moderate Unreviewed
CVE-2024-3613 was published Apr 11, 2024
An unauthorized node injection vulnerability has been identified in ROS2 Humble Hawksbill in... Unknown Unreviewed
CVE-2024-29439 was published Apr 11, 2024
Summernote vulnerable to cross-site scripting Moderate
CVE-2024-29504 was published for summernote (npm) Apr 11, 2024
SpiceDB: LookupSubjects may return partial results if a specific kind of relation is used Low
CVE-2024-32001 was published for github.com/authzed/spicedb (Go) Apr 10, 2024
Evmos transaction execution not accounting for all state transition after interaction with precompiles Critical
CVE-2024-32644 was published for github.com/evmos/evmos/v16 (Go) Apr 10, 2024
iczc
An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code... Unknown Unreviewed
CVE-2024-31819 was published Apr 10, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Soflyy Import any XML or CSV File to WordPress... Moderate Unreviewed
CVE-2024-31939 was published Apr 10, 2024
An issue in PX4 Autopilot v.1.14.0 allows an attacker to manipulate the flight path allowing for... Unknown Unreviewed
CVE-2024-29460 was published Apr 10, 2024
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor... Moderate Unreviewed
CVE-2024-31430 was published Apr 10, 2024
HTML injection vulnerability in Enpass Password Manager Desktop Client 6.9.2 for Windows and... Unknown Unreviewed
CVE-2024-26362 was published Apr 10, 2024
A flaw was found in FreeIPA. This issue may allow a remote attacker to craft a HTTP request with... Moderate Unreviewed
CVE-2024-1481 was published Apr 10, 2024
Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 allowed a remote attacker... Unknown Unreviewed
CVE-2024-3516 was published Apr 10, 2024
An issue in Secure Lockdown Multi Application Edition v2.00.219 allows attackers to read... Unknown Unreviewed
CVE-2024-29502 was published Apr 10, 2024
An issue in the kiosk mode of Secure Lockdown Multi Application Edition v2.00.219 allows... Unknown Unreviewed
CVE-2024-29500 was published Apr 10, 2024
An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary... Unknown Unreviewed
CVE-2024-29269 was published Apr 10, 2024
An Open Redirect vulnerability was found in Sipwise C5 NGCP Dashboard below mr11.5.1. The Open... Unknown Unreviewed
CVE-2024-28344 was published Apr 10, 2024
Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a... Unknown Unreviewed
CVE-2024-3157 was published Apr 10, 2024
Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to... Unknown Unreviewed
CVE-2024-3515 was published Apr 10, 2024
In the Linux kernel, the following vulnerability has been resolved: ALSA: gus: fix null pointer... Unknown Unreviewed
CVE-2021-47207 was published Apr 10, 2024
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Prevent dead... Unknown Unreviewed
CVE-2021-47209 was published Apr 10, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Hidekazu Ishikawa X-T9, Hidekazu Ishikawa... Moderate Unreviewed
CVE-2024-31386 was published Apr 10, 2024
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Update error... Unknown Unreviewed
CVE-2021-47212 was published Apr 10, 2024
ProTip! Advisories are also available from the GraphQL API