GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
93,478 advisories
Filter by severity
Cross Site Scripting (XSS) vulnerability in Averta Master Slider allows Reflected XSS.This issue...
High
Unreviewed
CVE-2024-37222
was published
Jun 20, 2024
Undertow's url-encoded request path information can be broken on ajp-listener
High
CVE-2024-6162
was published
for
io.undertow:undertow-core
(Maven)
Jun 20, 2024
A vulnerability was found in Tenda A301 15.13.08.12. It has been classified as critical. Affected...
High
Unreviewed
CVE-2024-6189
was published
Jun 20, 2024
A vulnerability was found in itsourcecode Farm Management System 1.0. It has been rated as...
High
Unreviewed
CVE-2024-6190
was published
Jun 20, 2024
A vulnerability classified as critical was found in itsourcecode Loan Management System 1.0. This...
High
Unreviewed
CVE-2024-6192
was published
Jun 20, 2024
A vulnerability classified as critical has been found in itsourcecode Student Management System 1...
High
Unreviewed
CVE-2024-6191
was published
Jun 20, 2024
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to identity spoofing by an...
High
Unreviewed
CVE-2024-37532
was published
Jun 20, 2024
There is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force...
High
Unreviewed
CVE-2023-25646
was published
Jun 20, 2024
The Media Library Assistant plugin for WordPress is vulnerable to time-based SQL Injection via...
High
Unreviewed
CVE-2024-5605
was published
Jun 20, 2024
A vulnerability was found in itsourcecode Monbela Tourist Inn Online Reservation System 1.0. It...
High
Unreviewed
CVE-2024-6113
was published
Jun 20, 2024
The Custom Field Suite plugin for WordPress is vulnerable to SQL Injection via the the 'Term'...
High
Unreviewed
CVE-2024-3561
was published
Jun 20, 2024
The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerable to Open Redirect in all...
High
Unreviewed
CVE-2024-3597
was published
Jun 20, 2024
The Custom Field Suite plugin for WordPress is vulnerable to PHP Code Injection in all versions...
High
Unreviewed
CVE-2024-3562
was published
Jun 20, 2024
Use after free in Dawn in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to...
High
Unreviewed
CVE-2024-6103
was published
Jun 20, 2024
Type Confusion in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to...
High
Unreviewed
CVE-2024-6100
was published
Jun 20, 2024
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote...
High
Unreviewed
CVE-2024-6101
was published
Jun 20, 2024
LocalAI path traversal vulnerability
High
CVE-2024-5182
was published
for
github.com/go-skynet/LocalAI
(Go)
Jun 20, 2024
Out of bounds memory access in Dawn in Google Chrome prior to 126.0.6478.114 allowed a remote...
High
Unreviewed
CVE-2024-6102
was published
Jun 20, 2024
Missing Authorization vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider...
High
Unreviewed
CVE-2024-34444
was published
Jun 19, 2024
Missing Authorization vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms:...
High
Unreviewed
CVE-2023-38393
was published
Jun 19, 2024
Missing Authorization vulnerability in ThimPress LearnPress.This issue affects LearnPress: from n...
High
Unreviewed
CVE-2023-36515
was published
Jun 19, 2024
Missing Authorization vulnerability in ThimPress LearnPress.This issue affects LearnPress: from n...
High
Unreviewed
CVE-2023-36516
was published
Jun 19, 2024
IBM Storage Protect for Virtual Environments: Data Protection for VMware 8.1.0.0 through 8.1.22.0...
High
Unreviewed
CVE-2024-38329
was published
Jun 19, 2024
Missing Authorization vulnerability in Woo WooCommerce Warranty Requests.This issue affects...
High
Unreviewed
CVE-2023-37870
was published
Jun 19, 2024
Missing Authorization vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue...
High
Unreviewed
CVE-2023-35049
was published
Jun 19, 2024
ProTip!
Advisories are also available from the
GraphQL API