Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,748
Maven
4,978
npm
3,509
NuGet
609
pip
3,075
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+

108,854 advisories

Loading
Zoho ManageEngine ITOM products versions from 128234 to 128248 are affected by the stored cross... Moderate Unreviewed
CVE-2024-36038 was published Jun 24, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-4754 was published Jun 24, 2024
Cross site scripting in Apache JSPWiki Moderate
CVE-2024-27136 was published for org.apache.jspwiki:jspwiki-main (Maven) Jun 24, 2024
Improper line feed handling in zenml Moderate
CVE-2024-4460 was published for zenml (pip) Jun 24, 2024
A vulnerability, which was classified as critical, has been found in lahirudanushka School... Moderate Unreviewed
CVE-2024-6276 was published Jun 24, 2024
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been... Moderate Unreviewed
CVE-2024-6280 was published Jun 24, 2024
A vulnerability was found in lahirudanushka School Management System 1.0.0/1.0.1 and classified... Moderate Unreviewed
CVE-2024-6279 was published Jun 24, 2024
A vulnerability, which was classified as critical, was found in lahirudanushka School Management... Moderate Unreviewed
CVE-2024-6277 was published Jun 24, 2024
A vulnerability has been found in lahirudanushka School Management System 1.0.0/1.0.1 and... Moderate Unreviewed
CVE-2024-6278 was published Jun 24, 2024
A vulnerability classified as critical has been found in lahirudanushka School Management System... Moderate Unreviewed
CVE-2024-6274 was published Jun 24, 2024
A vulnerability classified as critical was found in lahirudanushka School Management System 1.0.0... Moderate Unreviewed
CVE-2024-6275 was published Jun 24, 2024
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been declared as... Moderate Unreviewed
CVE-2024-6273 was published Jun 24, 2024
Remote Code Execution in create_conda_env function in lollms Moderate
CVE-2024-3121 was published for lollms (pip) Jun 24, 2024
A Path Traversal vulnerability exists in the parisneo/lollms-webui, specifically within the ... Moderate Unreviewed
CVE-2024-4841 was published Jun 23, 2024
A vulnerability has been found in Ruijie RG-UAC 1.0 and classified as critical. This... Moderate Unreviewed
CVE-2024-6269 was published Jun 23, 2024
A vulnerability classified as critical has been found in Pear Admin Boot up to 2.0.2. Affected is... Moderate Unreviewed
CVE-2024-6266 was published Jun 23, 2024
The ARMember Premium plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions... Moderate Unreviewed
CVE-2024-5596 was published Jun 22, 2024
Open redirect in gradio Moderate
CVE-2024-4940 was published for gradio (pip) Jun 22, 2024
The Bricks Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all... Moderate Unreviewed
CVE-2024-4874 was published Jun 22, 2024
Arbitrary File Creation in opencart Moderate
CVE-2024-21519 was published for opencart/opencart (Composer) Jun 22, 2024
Cross site scripting in opencart Moderate
CVE-2024-21516 was published for opencart/opencart (Composer) Jun 22, 2024
Cross site scripting in opencart Moderate
CVE-2024-21515 was published for opencart/opencart (Composer) Jun 22, 2024
Cross site scripting in opencart Moderate
CVE-2024-21517 was published for opencart/opencart (Composer) Jun 22, 2024
The Grey Opaque theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’... Moderate Unreviewed
CVE-2024-5966 was published Jun 22, 2024
The Mosaic theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘link’... Moderate Unreviewed
CVE-2024-5965 was published Jun 22, 2024
ProTip! Advisories are also available from the GraphQL API