Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

93,478 advisories

Loading
Cross Site Scripting (XSS) vulnerability in Averta Master Slider allows Reflected XSS.This issue... High Unreviewed
CVE-2024-37222 was published Jun 20, 2024
Undertow's url-encoded request path information can be broken on ajp-listener High
CVE-2024-6162 was published for io.undertow:undertow-core (Maven) Jun 20, 2024
A vulnerability was found in Tenda A301 15.13.08.12. It has been classified as critical. Affected... High Unreviewed
CVE-2024-6189 was published Jun 20, 2024
A vulnerability was found in itsourcecode Farm Management System 1.0. It has been rated as... High Unreviewed
CVE-2024-6190 was published Jun 20, 2024
A vulnerability classified as critical was found in itsourcecode Loan Management System 1.0. This... High Unreviewed
CVE-2024-6192 was published Jun 20, 2024
A vulnerability classified as critical has been found in itsourcecode Student Management System 1... High Unreviewed
CVE-2024-6191 was published Jun 20, 2024
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to identity spoofing by an... High Unreviewed
CVE-2024-37532 was published Jun 20, 2024
There is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force... High Unreviewed
CVE-2023-25646 was published Jun 20, 2024
The Media Library Assistant plugin for WordPress is vulnerable to time-based SQL Injection via... High Unreviewed
CVE-2024-5605 was published Jun 20, 2024
A vulnerability was found in itsourcecode Monbela Tourist Inn Online Reservation System 1.0. It... High Unreviewed
CVE-2024-6113 was published Jun 20, 2024
The Custom Field Suite plugin for WordPress is vulnerable to SQL Injection via the the 'Term'... High Unreviewed
CVE-2024-3561 was published Jun 20, 2024
The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerable to Open Redirect in all... High Unreviewed
CVE-2024-3597 was published Jun 20, 2024
The Custom Field Suite plugin for WordPress is vulnerable to PHP Code Injection in all versions... High Unreviewed
CVE-2024-3562 was published Jun 20, 2024
Use after free in Dawn in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to... High Unreviewed
CVE-2024-6103 was published Jun 20, 2024
Type Confusion in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to... High Unreviewed
CVE-2024-6100 was published Jun 20, 2024
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote... High Unreviewed
CVE-2024-6101 was published Jun 20, 2024
LocalAI path traversal vulnerability High
CVE-2024-5182 was published for github.com/go-skynet/LocalAI (Go) Jun 20, 2024
Out of bounds memory access in Dawn in Google Chrome prior to 126.0.6478.114 allowed a remote... High Unreviewed
CVE-2024-6102 was published Jun 20, 2024
Missing Authorization vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider... High Unreviewed
CVE-2024-34444 was published Jun 19, 2024
Missing Authorization vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms:... High Unreviewed
CVE-2023-38393 was published Jun 19, 2024
Missing Authorization vulnerability in ThimPress LearnPress.This issue affects LearnPress: from n... High Unreviewed
CVE-2023-36515 was published Jun 19, 2024
Missing Authorization vulnerability in ThimPress LearnPress.This issue affects LearnPress: from n... High Unreviewed
CVE-2023-36516 was published Jun 19, 2024
IBM Storage Protect for Virtual Environments: Data Protection for VMware 8.1.0.0 through 8.1.22.0... High Unreviewed
CVE-2024-38329 was published Jun 19, 2024
Missing Authorization vulnerability in Woo WooCommerce Warranty Requests.This issue affects... High Unreviewed
CVE-2023-37870 was published Jun 19, 2024
Missing Authorization vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue... High Unreviewed
CVE-2023-35049 was published Jun 19, 2024
ProTip! Advisories are also available from the GraphQL API