GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,978
Erlang: 29
GitHub Actions: 16
Go: 1,768
Maven: 4,991
npm: 3,537
NuGet: 616
pip: 3,107
Pub: 10
RubyGems: 837
Rust: 786
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
94,400 advisories
A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process of...
High | Unreviewed | CVE-2024-39550 was published Jul 11, 2024
An Uncontrolled Resource Consumption vulnerability in the H.323 ALG (Application Layer Gateway)...
High | Unreviewed | CVE-2024-39551 was published Jul 11, 2024
An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding...
High | Unreviewed | CVE-2024-39542 was published Jul 11, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding...
High | Unreviewed | CVE-2024-39519 was published Jul 11, 2024
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved...
High | Unreviewed | CVE-2024-39520 was published Jul 11, 2024
Mimekit has vulnerable dependency that can lead to denial of service
High | GHSA-gmc6-fwg3-75m5 was published for MimeKit (NuGet) Jul 11, 2024
The TLS certificate validation code is flawed. An attacker can obtain a TLS certificate from the...
High | Unreviewed | CVE-2024-28872 was published Jul 11, 2024
CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service,...
High | Unreviewed | CVE-2024-5681 was published Jul 11, 2024
The WP ERP plugin for WordPress is vulnerable to SQL Injection via the ‘vendor_id’ parameter in...
High | Unreviewed | CVE-2024-6666 was published Jul 11, 2024
CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, or...
High | Unreviewed | CVE-2024-5679 was published Jul 11, 2024
CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of...
High | Unreviewed | CVE-2024-5680 was published Jul 11, 2024
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')...
High | Unreviewed | CVE-2024-2602 was published Jul 11, 2024
The VikRentCar Car Rental Management System WordPress plugin before 1.3.2 does not have CSRF...
High | Unreviewed | CVE-2024-1845 was published Jul 11, 2024
VMware Aria Automation does not apply correct input validation which allows for SQL-injection in...
High | Unreviewed | CVE-2024-22280 was published Jul 11, 2024
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows an attacker to create...
High | Unreviewed | CVE-2024-6037 was published Jul 11, 2024
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to restart the...
High | Unreviewed | CVE-2024-6036 was published Jul 11, 2024
An Uncontrolled Resource Consumption vulnerability in the Layer 2 Address Learning Daemon ...
High | Unreviewed | CVE-2024-39557 was published Jul 11, 2024
An Unchecked Return Value vulnerability in the Routing Protocol Daemon (rpd) on Juniper Networks...
High | Unreviewed | CVE-2024-39558 was published Jul 11, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in packet processing of...
High | Unreviewed | CVE-2024-39559 was published Jul 11, 2024
An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (RPD)...
High | Unreviewed | CVE-2024-39555 was published Jul 11, 2024
An Improper Neutralization of Data within XPath Expressions ('XPath Injection') vulnerability in...
High | Unreviewed | CVE-2024-39565 was published Jul 11, 2024
The FULL – Cliente plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
High | Unreviewed | CVE-2024-6447 was published Jul 11, 2024
A Missing Release of Resource after Effective Lifetime vulnerability the xinetd process,...
High | Unreviewed | CVE-2024-39562 was published Jul 11, 2024
A Stack-Based Buffer Overflow vulnerability in Juniper Networks Junos OS and Juniper Networks...
High | Unreviewed | CVE-2024-39556 was published Jul 11, 2024
An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd)...
High | Unreviewed | CVE-2024-39560 was published Jul 11, 2024
ProTip! Advisories are also available from the GraphQL API.