Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

93,441 advisories

Loading
IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This... High Unreviewed
CVE-2024-28798 was published Jun 30, 2024
The WordPress Plugin for Google Maps – WP MAPS plugin for WordPress is vulnerable to SQL... High Unreviewed
CVE-2024-2386 was published Jun 29, 2024
iDRAC9, versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for 15th and 16th... High Unreviewed
CVE-2024-25943 was published Jun 29, 2024
The Advanced File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in... High Unreviewed
CVE-2024-5598 was published Jun 29, 2024
Cross-Site Request Forgery (CSRF) in stitionai/devika High Unreviewed
CVE-2024-5712 was published Jun 29, 2024
Unlimited number of NTS-KE connections can crash ntpd-rs server High
CVE-2024-38528 was published for ntpd (Rust) Jun 28, 2024
A vulnerability classified as critical was found in Tenda A301 15.13.08.12. Affected by this... High Unreviewed
CVE-2024-6402 was published Jun 28, 2024
A vulnerability, which was classified as critical, has been found in Tenda A301 15.13.08.12.... High Unreviewed
CVE-2024-6403 was published Jun 28, 2024
IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalate their privileges under... High Unreviewed
CVE-2024-31912 was published Jun 28, 2024
ntlk unsafe deserialization vulnerability High
CVE-2024-39705 was published for nltk (pip) Jun 28, 2024
Name confusion in x509 Subject Alternative Name fields High
CVE-2023-52892 was published for phpseclib/phpseclib (Composer) Jun 28, 2024
lollms vulnerable to path traversal due to unauthenticated root folder settings change High
CVE-2024-6085 was published for lollms (pip) Jun 27, 2024
lollms path traversal vulnerability allows overriding of config.yaml file, leading to RCE High
CVE-2024-5824 was published for lollms (pip) Jun 27, 2024
lollms vulnerable to dot-dot-slash path traversal in XTTS server High
CVE-2024-6139 was published for lollms (pip) Jun 27, 2024
h2o vulnerable to unexpected POST request shutting down server High
CVE-2024-5979 was published for h2o (pip) Jun 27, 2024
This Advisory describes an issue that impacts Arista Wireless Access Points. Any entity with the... High Unreviewed
CVE-2024-4578 was published Jun 27, 2024
Missing Authorization in stitionai/devika High Unreviewed
CVE-2024-5820 was published Jun 27, 2024
In lunary-ai/lunary version 1.2.4, an improper access control vulnerability allows members with... High Unreviewed
CVE-2024-5714 was published Jun 27, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the upload processing interface of... High Unreviewed
CVE-2024-5822 was published Jun 27, 2024
stangirard/quivr version 0.0.236 contains a Server-Side Request Forgery (SSRF) vulnerability. The... High Unreviewed
CVE-2024-5885 was published Jun 27, 2024
An absolute path traversal vulnerability exists in parisneo/lollms-webui v9.6, specifically in... High Unreviewed
CVE-2024-6250 was published Jun 27, 2024
A Regular Expression Denial of Service (ReDoS) vulnerability exists in the latest version of... High Unreviewed
CVE-2024-6038 was published Jun 27, 2024
A path traversal vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240410, allowing... High Unreviewed
CVE-2024-6090 was published Jun 27, 2024
An unauthenticated IEEE 802.15.4 'co-ordinator realignment' packet can be used to force Zigbee... High Unreviewed
CVE-2024-3043 was published Jun 27, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain... High Unreviewed
CVE-2023-30998 was published Jun 27, 2024
ProTip! Advisories are also available from the GraphQL API