GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,998
Maven
5,000+
npm
3,710
NuGet
661
pip
3,364
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
11,100 advisories
Filter by severity
Cross Site Scripting vulnerability in Gibbon before v.27.0.01 and fixed in v.28.0.00 allows a...
Low
Unreviewed
CVE-2024-51337
was published
Nov 21, 2024
In the process of testing the SEO Plugin by Squirrly SEO WordPress plugin before 12.3.21, a...
Low
Unreviewed
CVE-2024-10515
was published
Nov 20, 2024
Missing Authorization vulnerability in ThemeIsle Otter - Gutenberg Block allows Exploiting...
Low
Unreviewed
CVE-2024-51671
was published
Nov 19, 2024
Harden-Runner has a command injection weaknesses in `setup.ts` and `arc-runner.ts`
Low
CVE-2024-52587
was published
for
step-security/harden-runner
(GitHub Actions)
Nov 18, 2024
The CM Table Of Contents WordPress plugin before 1.2.3 does not have CSRF check in place when...
Low
Unreviewed
CVE-2024-5030
was published
Nov 18, 2024
Regular Expression Denial of Service (ReDoS) in @eslint/plugin-kit
Low
CVE-2024-21539
was published
for
@eslint/plugin-kit
(npm)
Nov 15, 2024
Hathway Skyworth Router CM5100-511 v4.1.1.24 was discovered to store sensitive information about...
Low
Unreviewed
CVE-2024-46383
was published
Nov 15, 2024
A Cross-Site Scripting (XSS) vulnerability in phpipam/phpipam versions prior to 1.4.7 allows...
Low
Unreviewed
CVE-2022-1226
was published
Nov 15, 2024
A SQL Injection vulnerability was found in /admin/school_year.php in kashipara E-learning...
Low
Unreviewed
CVE-2024-50825
was published
Nov 14, 2024
A SQL Injection vulnerability was found in /admin/add_content.php in kashipara E-learning...
Low
Unreviewed
CVE-2024-50826
was published
Nov 14, 2024
A SQL Injection vulnerability was found in /admin/add_subject.php in kashipara E-learning...
Low
Unreviewed
CVE-2024-50827
was published
Nov 14, 2024
A SQL Injection vulnerability was found in /admin/edit_subject.php in kashipara E-learning...
Low
Unreviewed
CVE-2024-50829
was published
Nov 14, 2024
A SQL Injection vulnerability was found in /admin/calendar_of_events.php in kashipara E-learning...
Low
Unreviewed
CVE-2024-50830
was published
Nov 14, 2024
A SQL Injection vulnerability was found in /admin/edit_department.php in kashipara E-learning...
Low
Unreviewed
CVE-2024-50828
was published
Nov 14, 2024
A SQL Injection was found in /admin/admin_user.php in kashipara E-learning Management System...
Low
Unreviewed
CVE-2024-50831
was published
Nov 14, 2024
A SQL Injection vulnerability was found in /admin/class.php in kashipara E-learning Management...
Low
Unreviewed
CVE-2024-50824
was published
Nov 14, 2024
A SQL Injection vulnerability was found in /admin/login.php in kashipara E-learning Management...
Low
Unreviewed
CVE-2024-50823
was published
Nov 14, 2024
HCL Connections is vulnerable to a broken access control vulnerability that may allow an...
Low
Unreviewed
CVE-2024-42188
was published
Nov 14, 2024
A SQL Injection vulnerability was found in /admin/edit_class.php in kashipara E-learning...
Low
Unreviewed
CVE-2024-50832
was published
Nov 14, 2024
A SQL Injection was found in /admin/teachers.php in KASHIPARA E-learning Management System...
Low
Unreviewed
CVE-2024-50834
was published
Nov 14, 2024
A SQL Injection vulnerability was found in /admin/edit_student.php in KASHIPARA E-learning...
Low
Unreviewed
CVE-2024-50835
was published
Nov 14, 2024
A SQL Injection vulnerability was found in /login.php in KASHIPARA E-learning Management System...
Low
Unreviewed
CVE-2024-50833
was published
Nov 14, 2024
s2n-tls has undefined behavior at process exit
Low
GHSA-rp9h-rf7g-hwgr
was published
for
s2n-tls
(Rust)
Nov 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.3 before 17...
Low
Unreviewed
CVE-2024-9633
was published
Nov 14, 2024
Client use of server error message in PostgreSQL allows a server not trusted under current SSL or...
Low
Unreviewed
CVE-2024-10977
was published
Nov 14, 2024
ProTip!
Advisories are also available from the
GraphQL API