Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

112,833 advisories

Loading
A vulnerability has been identified in Node.js version 20, affecting users of the experimental... Moderate Unreviewed
CVE-2023-30582 was published Sep 7, 2024
Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code.... Moderate Unreviewed
CVE-2023-39333 was published Sep 7, 2024
IBM MQ Operator 2.0.26 and 3.2.4 could allow a local user to cause a denial of service due to... Moderate Unreviewed
CVE-2024-40680 was published Sep 7, 2024
A vulnerability was found in SourceCodester Clinics Patient Management System 2.0 and classified... Moderate Unreviewed
CVE-2024-8554 was published Sep 7, 2024
IBM Maximo Application Suite - Manage Component 8.10, 8.11, and 9.0 uses weaker than expected... Moderate Unreviewed
CVE-2024-37068 was published Sep 7, 2024
A vulnerability was found in SourceCodester Clinics Patient Management System 2.0. It has been... Moderate Unreviewed
CVE-2024-8555 was published Sep 7, 2024
A vulnerability classified as critical has been found in SourceCodester Food Ordering Management... Moderate Unreviewed
CVE-2024-8557 was published Sep 7, 2024
The Customizer Export/Import plugin for WordPress is vulnerable to arbitrary file uploads due to... Moderate Unreviewed
CVE-2024-7620 was published Sep 7, 2024
The Cost Calculator Builder PRO plugin for WordPress is vulnerable to price manipulation in all... Moderate Unreviewed
CVE-2024-6010 was published Sep 7, 2024
The Preloader Plus – WordPress Loading Screen Plugin plugin for WordPress is vulnerable to Stored... Moderate Unreviewed
CVE-2024-6849 was published Sep 7, 2024
A vulnerability was found in lmxcms up to 1.4 and classified as critical. Affected by this issue... Moderate Unreviewed
CVE-2024-8523 was published Sep 7, 2024
The Big File Uploads – Increase Maximum File Upload Size plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-8538 was published Sep 7, 2024
A vulnerability, which was classified as problematic, was found in Wavelog up to 1.8.0. Affected... Moderate Unreviewed
CVE-2024-8521 was published Sep 7, 2024
Exposure of debug and metrics endpoints in Pomerium Moderate
CVE-2022-24797 was published for github.com/pomerium/pomerium (Go) Sep 6, 2024
gix-path improperly resolves configuration path reported by Git Moderate
CVE-2024-45405 was published for gix-path (Rust) Sep 6, 2024
EliahKagan
gnark's Groth16 commitment extension unsound for more than one commitment Moderate
CVE-2024-45039 was published for github.com/consensys/gnark (Go) Sep 6, 2024
maltezellic ivokub
gnark commitments to private witnesses in Groth16 as implemented break zero-knowledge property Moderate
CVE-2024-45040 was published for github.com/consensys/gnark (Go) Sep 6, 2024
maltezellic
A cross-site scripting (XSS) vulnerability has been reported to affect Notes Station 3. If... Moderate Unreviewed
CVE-2024-27126 was published Sep 6, 2024
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating... Moderate Unreviewed
CVE-2023-51368 was published Sep 6, 2024
A path traversal vulnerability has been reported to affect several QNAP operating system versions... Moderate Unreviewed
CVE-2024-21904 was published Sep 6, 2024
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating... Moderate Unreviewed
CVE-2023-50366 was published Sep 6, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system... Moderate Unreviewed
CVE-2024-21906 was published Sep 6, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system... Moderate Unreviewed
CVE-2024-21903 was published Sep 6, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several... Moderate Unreviewed
CVE-2024-32763 was published Sep 6, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several... Moderate Unreviewed
CVE-2023-51367 was published Sep 6, 2024
ProTip! Advisories are also available from the GraphQL API