Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+

94,400 advisories

Loading
A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process of... High Unreviewed
CVE-2024-39550 was published Jul 11, 2024
An Uncontrolled Resource Consumption vulnerability in the H.323 ALG (Application Layer Gateway)... High Unreviewed
CVE-2024-39551 was published Jul 11, 2024
An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding... High Unreviewed
CVE-2024-39542 was published Jul 11, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding... High Unreviewed
CVE-2024-39519 was published Jul 11, 2024
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved... High Unreviewed
CVE-2024-39520 was published Jul 11, 2024
Mimekit has vulnerable dependency that can lead to denial of service High
GHSA-gmc6-fwg3-75m5 was published for MimeKit (NuGet) Jul 11, 2024
StefanJonssonInExchange
The TLS certificate validation code is flawed. An attacker can obtain a TLS certificate from the... High Unreviewed
CVE-2024-28872 was published Jul 11, 2024
CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service,... High Unreviewed
CVE-2024-5681 was published Jul 11, 2024
The WP ERP plugin for WordPress is vulnerable to SQL Injection via the ‘vendor_id’ parameter in... High Unreviewed
CVE-2024-6666 was published Jul 11, 2024
CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, or... High Unreviewed
CVE-2024-5679 was published Jul 11, 2024
CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of... High Unreviewed
CVE-2024-5680 was published Jul 11, 2024
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')... High Unreviewed
CVE-2024-2602 was published Jul 11, 2024
The VikRentCar Car Rental Management System WordPress plugin before 1.3.2 does not have CSRF... High Unreviewed
CVE-2024-1845 was published Jul 11, 2024
VMware Aria Automation does not apply correct input validation which allows for SQL-injection in... High Unreviewed
CVE-2024-22280 was published Jul 11, 2024
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows an attacker to create... High Unreviewed
CVE-2024-6037 was published Jul 11, 2024
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to restart the... High Unreviewed
CVE-2024-6036 was published Jul 11, 2024
An Uncontrolled Resource Consumption vulnerability in the Layer 2 Address Learning Daemon ... High Unreviewed
CVE-2024-39557 was published Jul 11, 2024
An Unchecked Return Value vulnerability in the Routing Protocol Daemon (rpd) on Juniper Networks... High Unreviewed
CVE-2024-39558 was published Jul 11, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in packet processing of... High Unreviewed
CVE-2024-39559 was published Jul 11, 2024
An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (RPD)... High Unreviewed
CVE-2024-39555 was published Jul 11, 2024
An Improper Neutralization of Data within XPath Expressions ('XPath Injection') vulnerability in... High Unreviewed
CVE-2024-39565 was published Jul 11, 2024
The FULL – Cliente plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... High Unreviewed
CVE-2024-6447 was published Jul 11, 2024
A Missing Release of Resource after Effective Lifetime vulnerability the xinetd process,... High Unreviewed
CVE-2024-39562 was published Jul 11, 2024
A Stack-Based Buffer Overflow vulnerability in Juniper Networks Junos OS and Juniper Networks... High Unreviewed
CVE-2024-39556 was published Jul 11, 2024
An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd)... High Unreviewed
CVE-2024-39560 was published Jul 11, 2024
ProTip! Advisories are also available from the GraphQL API