Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,029
Erlang
29
GitHub Actions
16
Go
1,832
Maven
5,000+
npm
3,573
NuGet
632
pip
3,158
Pub
10
RubyGems
847
Rust
797
Swift
34
Unreviewed advisories
All unreviewed
5,000+

102 advisories

Loading
A vulnerability has been found in itsourcecode Airline Reservation System 1.0 and classified as... Moderate Unreviewed
CVE-2024-7496 was published Aug 6, 2024
A vulnerability was found in itsourcecode Airline Reservation System 1.0 and classified as... Moderate Unreviewed
CVE-2024-7497 was published Aug 6, 2024
A vulnerability in the JSON file handling of gaizhenbiao/chuanhuchatgpt version 20240410 allows... High Unreviewed
CVE-2024-6255 was published Jul 31, 2024
An issue was discovered in provd before version 0.1.5 with a setuid binary, which allows a local... High Unreviewed
CVE-2024-6714 was published Jul 23, 2024
A vulnerability, which was classified as problematic, was found in formtools.org Form Tools 3.1.1... Moderate Unreviewed
CVE-2024-6937 was published Jul 21, 2024
External Control of File Name or Path (CWE-73) in the Controller 6000 and Controller 7000 allows... Moderate Unreviewed
CVE-2024-23317 was published Jul 11, 2024
Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability Moderate Unreviewed
CVE-2024-38049 was published Jul 9, 2024
Weblate vulnerable to improper sanitization of project backups Moderate
CVE-2024-39303 was published for Weblate (pip) Jul 1, 2024
quehill
External Control of File Name or Path in GitHub repository stitionai/devika prior to -. High Unreviewed
CVE-2024-5334 was published Jun 27, 2024
Remote Command program allows an attacker to read any file using a Local File Inclusion... Moderate Unreviewed
CVE-2024-27175 was published Jun 14, 2024
Remote code execution in web server context High
CVE-2024-37295 was published for aimeos/aimeos-core (Composer) Jun 5, 2024
ssshah2131
A vulnerability in the Tail-f High Availability Cluster Communications (HCC) function pack of... High Unreviewed
CVE-2024-20366 was published May 15, 2024
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected... High Unreviewed
CVE-2024-27943 was published May 14, 2024
Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains an external control of file name or... Moderate Unreviewed
CVE-2024-25965 was published May 14, 2024
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected... High Unreviewed
CVE-2024-27944 was published May 14, 2024
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The bulk import... High Unreviewed
CVE-2024-27945 was published May 14, 2024
A vulnerability was found in Campcodes Online Laundry Management System 1.0 and classified as... Moderate Unreviewed
CVE-2024-4818 was published May 14, 2024
NVIDIA Triton Inference Server for Linux contains a vulnerability where a user can set the... Critical Unreviewed
CVE-2024-0087 was published May 14, 2024
NVIDIA Triton Inference Server for Linux contains a vulnerability in the tracing API, where a... Moderate Unreviewed
CVE-2024-0100 was published May 14, 2024
An issue was discovered in Logpoint before 7.4.0. It allows Local File Inclusion (LFI) when an... Moderate Unreviewed
CVE-2024-33860 was published May 7, 2024
timber/timber vulnerable to Deserialization of Untrusted Data High
CVE-2024-29800 was published for timber/timber (Composer) Apr 12, 2024
Sonicrrrr dennisenderink
An external control of file name or path vulnerability [CWE-73] in FortiClientMac version 7.2.3... High Unreviewed
CVE-2024-31492 was published Apr 10, 2024
A file write vulnerability exists in the OAS Engine Tags Configuration functionality of Open... Moderate Unreviewed
CVE-2024-21870 was published Apr 3, 2024
A file write vulnerability exists in the OAS Engine Save Security Configuration functionality of... Moderate Unreviewed
CVE-2024-22178 was published Apr 3, 2024
Voilà Local file inclusion High
CVE-2024-30265 was published for voila (pip) Apr 3, 2024
ericfinger trungleduc
martinRenou Carreau
ProTip! Advisories are also available from the GraphQL API